SEARCH RESULTS
 
Showing 1-10 of 66 records
 
Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...fundamental level, when someone in either the private sector or from a government agency considers purchasing or using a software product, one of the questions that may come up is "Is it Safe?" (Apologies for the lame and over-used Marathon Man movie reference). I choose this imprecise reference to safe since most people don't think deeply...
 
 
 
 
 
More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...fundamental design requirement of the SDL, could help uncover such design issues and illustrate the need for mitigations. Now, let's turn to the Source Code Review of the Hart InterCivic Voting System. I'll try to keep my commentary balanced by selecting two examples here as well. From the executive summary Unsecured network interfaces Voters...
 
 
 
 
 
The Daily Incite - February 25, 2008

2008-02-25 09:38:18 by Mike Rothman in Mike Rothman's blog
...fundamental terms, which gets back to Richard's long standing disdain of anything IDS. Given FIRE's two blown quarters right out of the gate, he's not wrong. 3Com's deal falling apart is different. It's largely because of Huawei, but in reality Bain could easily have written a check for the additional investment and taken Huawei out of the...
 
 
 
 
 
The core truth of risk

2008-03-11 11:00:50 by Frank Cassano in BlogInfoSec.com
 
...fundamental constant in life and has been with us since the first caveman decided to poke his head out of a cave. The trick is to remember what we are here for. The cavemen had probably hundreds of risks that imperiled either him directly, his possessions or his family. One caveman, let's call him Gronk, could have spent years poring over every...
 
 
 
 
 
The Daily Incite - March 17, 2008 - Dan Geer's SourceBoston Keynote

2008-03-17 17:49:50 by Mike Rothman in Mike Rothman's blog
...fundamental question: "How much security do we want?" That, my friends, is a business decision. It's a risk-based line of thinking and it's the fundamental truth of security. We all need to understand our own organization's thresholds for pain and suffering and act accordingly. Dan leaves us with a hopeful message - at least that's how I...
 
 
 
 
 
SDL and "End to End Trust"

2008-04-17 00:15:00 by sdl in The Security Development Lifecycle
 
...fundamental requirement necessary for speech recognition. Yet, it's also insufficient to realize the broader vision. Some of you reading may be thinking, "But wait Eric, this is a security blog so why are you rambling on about your former roles working on speech recognition?" Well, there is an analogy I'm trying to draw. The point I've been leading...
 
 
 
 
 
More on Application Security Metrics

2008-05-08 20:05:00 by Security Retentive in Security Retentive
 
...fundamental design defects that can't be corrected without a fundamental rewrite. The number of attacks resulting from WEP probably isn't known. Even throwing out high profile cases such as TJ Maxx and Home Depot, I'm guessing the damage done is substantial. So far then things aren't looking good for using implementation defects as a...
 
 
 
 
 
The reason behind the "We're sorry..." message

2007-07-09 11:54:00 by Niels Provos in Google Online Security Blog
 
...fundamental change from remote attack to client based download of malware formed the basis of the research presented in our first post. In retrospect, it is interesting to see how two seemingly unrelated problems are tightly connected
 
 
 
 
 
Citizens Advice stolen laptop was encrypted

2007-12-13 13:37:02 by Evan Francen in The Breach Blog
...fundamental principle of Citizens Advice that people are able to deal with us in confidence. The theft of this laptop is highly regrettable, but given that the potential always exists for the theft of data, we have always sought to ensure that information is secured as strongly as possible through modern encryption systems.", Alcorn In...