SEARCH RESULTS
 
Showing 1-10 of 175 records
 

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle
 
...hand, we don't have any control over it - unless we hand them that information by design. In which case, perhaps we could design to hand over less. At Microsoft, we haven't added it to the chart we ask people to use, and we'll revisit that over time Specific Elements Another thing you might note is that the STRIDE chart is sorta vague. A...
 
 
 
 
 

Do not dismiss the dangers of being stalked

2008-02-25 16:48:00 by John Sexton in The Bullet Proof Blog
 
...handwriting examined and evaluated by a hand writing expert. On another case, the stalker had sent one of my clients several letters that had been computer generated but he had handwritten her address on the envelopes. I took the envelopes to a highly regarded hand writing expert for subsequent examination The expert's evaluation was quite...
 
 
 
 
 

TRICARE breach affects 4,700 households

2007-12-20 12:15:59 by Evan Francen in The Breach Blog
...hand, I commend EDS for disclosing the breach to TRICARE, but on the other hand I am concerned about how long this problem may have gone un-noticed. Web applications acquiring, processing, accessing, storing or interacting with sensitive information in any manner require regular security reviews commensurate with the risk to the such...
 
 
 
 
 

268,000 donors exposed through stolen Memorial Blood Centers laptop

2007-12-06 14:09:42 by Evan Francen in The Breach Blog
...hand, I am always impressed when a CEO comments about a breach of security because it shows recognition of the fact that "the buck stops" with him/her. On the other hand, the comment "We believe the measures securing access to the donor records protect against their inappropriate use" shows a level of naiveness (assuming no encryption ...
 
 
 
 
 

Larry Suto's Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab
 
...hand. This time it comes from the Full-Disclosure mailing list which is known for, among other things disclosing zero-day exploits in applications. My only problem with Full-Disclosure has been the noise, as it's unmoderated and although humorously belligerent I generally don't have the time to pay much attention to it anymore. Anyway, I've read...
 
 
 
 
 

University of Iowa inadvertently posts personal data to the Internet

2008-01-15 11:25:40 by Evan Francen in The Breach Blog
...hand this breach can be justified as a simple human error, on the other hand I wonder if this breach is the result of something more. People need to be trained properly and be reminded constantly about information security risk and best practices, especially if they are authorized to work with confidential information I also question why...
 
 
 
 
 

Difference Between of Adware, Spyware and Anti-virus

2007-04-18 04:24:00 by jack in adware and spyware
 
...hand, are more legitimate form of freeware. Similar to spyware, adwares are advertising materials which are packaged into a software or program and are installed automatically once that particular program or software is added into the computer system. Some forms of adware, on the other hand, download advertising contents as a particular...
 
 
 
 
 

Lock-In

2008-02-12 06:08:15 by schneier in Schneier on Security
 
...hand, there's this analyst report that claims there are over a million unlocked iPhones, costing Apple between $300 million and $400 million in revenue. On the other hand, Apple is planning to release a software development kit this month, reversing its earlier restriction and allowing third-party vendors to write iPhone applications. Apple...
 
 
 
 
 

Unknown IP addresses access Lexmark personnel data

2008-02-15 15:32:04 by Evan Francen in The Breach Blog
...hand, we are all human and all humans make mistakes. On the other hand, I question how this all happened and what kind of training did the culprit receive in the proper handling of confidential information According to the report, Lexmark detected the breach within six hours, which helped significantly in reducing the amount of risk. It...
 
 
 
 
 

Benevolent Worms

2008-02-19 06:57:11 by schneier in Schneier on Security
 
...hand, runs without the consent of the user. It has a small amount of code, and once it starts to spread, it is self-propagating, and will keep going automatically until it's halted These characteristics are simply incompatible. Giving the user more choice, making installation flexible and universal, allowing for uninstallation -- all of these...