SecurityRatty: tag: misses

Fun Reading on Security - 3

2008-05-23 17:23:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...misses and ones to watch" (past history) and "Fifty years of DARPA: Hits, misses and ones to watch, part II" (current project to watch) - extreme fun An [ex-] TJX employee explains that TJX security is still horribly broken, yes, even after the breach and all the hoopla Finally, one intelligent comment about Google "Indiagate" (warning:...

Tags: security, security evolution, security metrics, tjx security, people security business, fun, people, business, extreme fun

Links for 2008-05-23 [del.icio.us]

2008-05-24 00:00:00 by Editor in Anton Chuvakin Blog -

A Return to ROSI: The Economics of Security | BlogInfoSec.com Top 5 Abused/Misused/Miscontrued Terms in Information Security Amrit Williams Blog Esper nextiernetworks :: Advisory Board Fifty years of DARPA: Hits, misses and ones to watch - tech - 15 May 2008 - New Scientist Tech Fifty years of DARPA: Hits, misses and ones to watch

Tags: scientist tech fifty, tech, fifty, advisory board, hits, misses, darpa, terms, economics

Thoughts on Token Security

2008-08-26 16:35:23 by Gunnar Peterson in 1 Raindrop

...misses some perspective. Firstly any article that makes a serious attempt at mitigating FUD is most welcome, especially in a space that is as overloaded as identity. That said, I think RSnake is taking too narrow of a view, specifically B2C, on federation and tokens . It is true that works on the web eventually filters into the enterprise,...

Tags: security, global federation, federation, single federation platform, security mechanism, resource security, security consultants, consumer web applications, web

Hacking tool guidance finally appears

2007-12-31 17:50:32 by Richard Clayton in Light Blue Touchpaper

...misses the point of dual use by talking about using the tool in a different context Still, the installed base test should at least allow people to distribute perl without qualms (millions of users) though do note that these are the tests which will be applied at the deciding if you ought to be charged with an offence stage, not the points of...

Tags: bad, bad people download, cma offence, offence, bad guys, guys, offence stage, tool, article widely

Keyloggers: Why Banks Need Two-Factor Authentication

2008-01-14 11:55:21 by Tim Bass in The Complex Event Processing Blog

...misses a popular and inexpensive two-factor authentication used here in Thailand and APAC: SMS-based 2FA In a nutshell, SMS-based 2FA involves having your on-line banking system send an SMS message with a one-time password (OTP) to your cell phone. You then must enter the OTP to complete your transaction Is this a perfect solution No But, it...

Tags: two-factor authentication, keyloggers, inexpensive two-factor authentication, usb keyloggers, hardware keyloggers, 2fa involves, time, black keylogger, keylogger

TSA Misses the Point, Again

2008-01-29 15:13:57 by schneier in Schneier on Security

They're checking IDs more carefully , looking for forgeries: Black lights will help screeners inspect the ID cards by illuminating holograms, typically of government seals, that are found in licenses and passports. Screeners also are getting magnifying glasses that highlight tiny inscriptions found in borders of passports and other IDs. About...

Tags: tsa, tsa screeners, tsa agent, tsa document checker, screeners, passenger ids, passenger, screeners inspect, airport

If NAC is an Easter egg hunt, is Cisco the bunny?

2008-02-21 21:34:17 by HASH0x8bb63c0 in StillSecure, After All These Years

...misses is in talking about the Cisco-Microsoft NAC partnership. I think the TCG-Microsoft partnership has replaced that one and Cisco is going to join that party through the NEA For me though the quote of the article was this one by Brendan O'Connell, Cisco's product line manager for NAC, "NAC is an Easter egg hunt. Policy lives in a lot of...

Tags: nac, cisco, nac solution, cisco-microsoft nac partnership, nac easter bunny, easter egg hunt, neil, neil roiter, policy lives

If NAC is an Easter egg hunt, is Cisco the bunny?

2008-02-21 22:10:54 by ashimmy in StillSecure, After All These Years

...misses is in talking about the Cisco-Microsoft NAC partnership. I think the TCG-Microsoft partnership has replaced that one and Cisco is going to join that party through the NEA For me though the quote of the article was this one by Brendan O'Connell, Cisco's product line manager for NAC, "NAC is an Easter egg hunt. Policy lives in a lot of...

Tags: nac, cisco, nac solution, cisco-microsoft nac partnership, nac easter bunny, easter egg hunt, neil, neil roiter, policy lives

Going beyond technical security controls

2008-03-03 13:51:00 by Ryan Shopp in practical risk management

...misses so much of the full picture ( over 50% per previous blog posts ) that even the internal or external auditors don't have enough time to do a comprehensive review. The goal of those auditors is not a "witch hunt," it's suppose to be to protect the company! So what happens is each year, things get more and more detailed (which is good) as...

Tags: security, security eventlog manager, assess security controls, entire security program, security policy, policy, security organization, unwieldy policy, security software application

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo