SecurityRatty: tag: question

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle

...questions that may come up is Is it Safe? (Apologies for the lame and over-used Marathon Man movie reference ) . I choose this imprecise reference to safe since most people dont think deeply about what it means beyond I dont want bad things to happen to me or people/property/data I care about. In terms of software security, all of the...

Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security

A question of trust and identity

2008-06-10 00:00:00 by Andreas M. Antonopoulos in Network World on Security

What is the right balance between security and privacy? This is a common starting point in many policy discussions, especially in government. Its a trick question because it presets the conversation as a balancing act between two values as if they are antithetical they are not. In practical terms, privacy is security

Tags: policy discussions, practical terms, security, privacy, trick question, government, antithetical, values, common

A Question of Integrity: To MD5 or Not to MD5

2008-06-25 19:50:57 by Craig Balding in Cloud Security

...questions are asked as to whether the corruption caused by the loadbalancer was affecting both incoming and outgoing traffic. The conclusion was yes. If you are hosting media on S3, and the browser is using partial GET requests (to download in chunks) then the corruption will not be automatically detectable If your business relies on Cloud...

Tags: amazon prior, amazon, aws, aws status page, md5, load balancer, single load balancer, status, data

Senators question NebuAd, targeted ad privacy

2008-07-10 13:00:00 by Editor in Computerworld Security News

Senators question NebuAd on its information collection practices at a hearing in which the company's CEO said it does not collect personally identifiable information or keep the information it collects for an extended time

Tags: information, senators question nebuad, identifiable information, information collection practices, collects, time, ceo, collect, company

FaxBox: the latest in password scams

2008-01-07 18:09:34 by Steve Riley in Steve Riley on Security

...Question It [mailto:question it@fanboxapps.com Sent: Monday, January 07, 2008 2:34 To: Steve Riley Subject: Ratul has asked you a question on FanBox Ratul asked you a question. View the question and answer it FanBox.com is the web-based desktop that instantly turns every computer into your computer. It includes over 10,000 web applications...

Tags: email, question itfanboxapps, email address, question, fanbox, junk email folder, faxbox, ratul, named ratul

Learning From Sarah Palins Yahoo Mail Compromise

2008-09-18 13:31:56 by Chris Wysopal in Zero in a bit

...question concerning personal information only and dont tie back to another email account or a text message. Another account or cell phone number is something out of band from a direct transaction with the online service. It becomes 2-factor authentication When an alternate email account or cell phone number is not tied to an account, online...

Tags: password reset email, reset, password reset functionality, service, online postal service, password reset, online, online service, password

Announcing the InfoSec 10 Minute Mentor

2008-12-17 05:09:47 by Craig Balding in Security Wannabe

...questions about life in the IT security industry but no-one with real Infosec experience to turn to. I simply didnt have the connections back then, nor a trusted advisor/mentor. Looking back, the downside was I took some longer paths than necessary in the learn/fail cycle. The upside is that ultimately I learned to do that quite quickly...

Tags: question, blog post, blog, meaningful answer, answer, experiment, post, security industry, real infosec experience

Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...questions from the audience during our "Log Management Thought Leadership Roundtable Webcast" ( recording , some comments ). Since they would be useful to my readers, I am answering some of them here (questions are anonymous and slightly rewritten for clarity Q1: When you mention "forensics", are you speaking in term of legal forensic...

Tags: log, log ownership issues, log services, log messagessecond, log management, log management solution, management, log sources, incident response team

Should We Treat Contractors The Same as Employees?

2008-03-26 13:47:43 by Alex in RiskAnalys.is

...QUESTION OF TRUST Youre probably already saying in your mind, that the level of trust we afford anyone on the magic-packet-carpet-ride we call a network or system should be a direct inverse correlation to the Probable Impact a malicious actor would cause. More simply put, be more paranoid when there is more at stake. You would be correct,...

Tags: threat, threat communities, threat agent applies, threat agents, threat event results, threat community, employees, risk tolerance, risk

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo