SEARCH RESULTS
 
Showing 1-10 of 328 records
 
Expand article

Crypto-Gram Tenth Anniversary Issue

2008-05-15 11:13:10 by schneier in Schneier on Security
 
...issues later , none of that has changed I started Crypto-Gram because I had a lot to say about security, and book-length commentaries were too slow and too infrequent. Sure, I was writing the occasional column in the occasional magazine, but those were also too slow and infrequent. Crypto-Gram was supposed to be my personal voice on security,...
 
Tags: crypto-gram, crypto-gram entries, blog online, blog, security products, snake-oil security products, blog entries, crypto-gram format, format
 
 
 
 
Expand article

Poll: How Important is a POC When Getting Someone to Fix a Security Issue

2007-11-27 08:37:00 by Security Retentive in Security Retentive
 
...issues taken seriously I've noticed that lots of people that work as consultants and/or inside companies have to jump through lots of hoops to get a security vulnerability taken seriously In many cases I see people spending hours and hours crafting a working proof-of-concept exploit for a vulnerability and needing to actually demonstrate...
 
Tags: issue, people, vulnerability, vulnerability exists, time, poc, lots, exploits, security vulnerability
 
 
 
 
Expand article

Dual-Use Technologies and the Equities Issue

2008-05-06 05:17:24 by schneier in Schneier on Security
 
...issue," and it can be summarized as follows: When a military discovers a vulnerability in a dual-use technology, they can do one of two things. They can alert the manufacturer and fix the vulnerability, thereby protecting both the good guys and the bad guys. Or they can keep quiet about the vulnerability and not tell anyone, thereby leaving...
 
Tags: technologies, dual-use technologies, bad guys insecure, guys, dual, security, non-security, security improves, security improvements
 
 
 
 
Expand article

Dual-Use Technologies and the Equities Issue

2008-05-06 05:17:24 by schneier in Schneier on Security
 
...issue," and it can be summarized as follows: When a military discovers a vulnerability in a dual-use technology, they can do one of two things. They can alert the manufacturer and fix the vulnerability, thereby protecting both the good guys and the bad guys. Or they can keep quiet about the vulnerability and not tell anyone, thereby leaving...
 
Tags: technologies, dual-use technologies, bad guys insecure, guys, dual, security, non-security, security improves, security improvements
 
 
 
 
Expand article

Open redirect vulnerabilities article - (IN)SECURE Issue 17

The Article has images
2008-06-26 10:18:00 by Russ McRee in HolisticInfoSec.org
...Issue 17 of (IN)SECURE Magazine . Page 43 for your reading pleasure An open redirect is a vulnerability that exists when a script allows redirection to an external site by directly calling a specific URL in an unfiltered unmanaged fashion, which could be used to redirect victims to unintended malicious web sites This issue is a giant pet...
 
Tags: redirect, issue, redirect victims, malicious web sites, giant pet peeve, specific url, vulnerability, article, dangers
 
 
 
 
Expand article

Fix OWA message size limit issue after Exchange 2007 SP1 upgrade

2008-03-05 10:10:49 by Dan Sexton in WhatIs: Enterprise IT tips and expert advice
 
After an Exchange Server 2007 SP1 upgrade, OWA can no longer send large attachments. Learn how to troubleshoot this OWA issue in Exchange 2007 SP1
 
Tags: sp1 upgrade, sp1, owa, exchange, owa issue, exchange server, attachments, troubleshoot
 
 
 
 
Expand article

Network World Focus on Security in 3/17/08 issue

The Article has images
2008-03-18 17:22:36 by John Peterson in Security In The Virtual World
...issue that talk about the security challenges in the virtual environment. I suggest everyone interested in the topic take a read After reading the articles, I did want to put out a short blog today to bring clarity to some of the vendor hype and mis-information that has been floating around lately. I've heard many people say that Reflex, Blue...
 
Tags: catbird provide security, provide, network world, virtual security appliance, virtual security, provide prevention, span port, port, zones
 
 
 
 
Expand article

Network World Focus on Security in 3/17/08 issue

The Article has images
2008-03-18 17:22:36 by John Peterson in Security In The Virtual World
...issue that talk about the security challenges in the virtual environment. I suggest everyone interested in the topic take a read After reading the articles, I did want to put out a short blog today to bring clarity to some of the vendor hype and mis-information that has been floating around lately. I've heard many people say that Reflex, Blue...
 
Tags: catbird provide security, provide, network world, virtual security appliance, virtual security, provide prevention, span port, port, zones
 
 
 
 
Expand article

Blue Box SE#022 - SIP NAT Traversal discussion with Jonathan Rosenberg

2007-12-19 18:37:35 by HASH0x89e89f4 in Blue Box: The VoIP Security Podcast
 
...issue of SIP and NAT traversal and has authored several of the major Internet-Drafts on the issue. In this interview, we discuss What the issue is with SIP and NAT traversal How ALGs and SBCs attempt to solve the problem Methods that have been developed by the IETF, specifically STUN TURN ICE The role of ICE going forward, who is supporting...
 
Tags: sip nat traversal, sip, nat traversal, sip security, jonathan, jonathan rosenberg, sip protocol, major internet-drafts, internet