SEARCH RESULTS
 
Showing 1-10 of 37 records
 
Expand article

Vulnerability Events

2008-03-30 17:20:05 by JonesJ in RiskAnalys.is
 
...resist that force, then vulnerability can come about in one or more of three ways 1. Resistance strength is diminished in some manner (e.g., cutting part-way through a rope 2. Available force increases so that it exceeds existing levels of resistance (e.g., more weight is added to the end of the rope 3. An asset is newly exposed to threat...
 
Tags: vulnerability, relative term, term, loss events occur, loss events, vulnerability events matter, loss, actual loss, relative term requires
 
 
 
 
Expand article

Should We Treat Contractors The Same as Employees?

2008-03-26 13:47:43 by Alex in RiskAnalys.is
 
...resist the force the threat agent applies (in FAIR, Vulnerability So what were really talking about is what strategies we can apply to reduce the Frequency of Loss Events for our populations (W2, 1099). Now for any threat community, we can do one of three things 1.) Reduce the Frequency of Contact This is really either blocking, cordoning,...
 
Tags: threat, threat communities, threat agent applies, threat agents, threat event results, threat community, employees, risk tolerance, risk
 
 
 
 
Expand article

The DDoS Attack Against CNN.com

The Article has images
2008-04-22 19:30:53 by HASH0x8b2d1ec in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...resist Beijing Olympic Games President, the Chinese go-vern-ment has just come to an end with the French Airbus as much as billions of dollars in trade contracts. France on bad faith Recently, the United States "cnn" Since, as we said a number of Chinese people can not accept things, is that we are willing to endure, willing to yield? We...
 
Tags: ddos, ddos-ing cnn, cnn, ddos people, warfare, information warfare attack, attack, ddos attack, chinese script kiddies
 
 
 
 
Expand article

One Mans Frustrations With Risk Management

2008-09-23 18:05:20 by Alex in RiskAnalys.is
 
...resist an attacker. They are incapable of making any claim about the effectiveness of the controls when they are operated at 100% efficiency, or more importantly, what % efficiency our specific organization operates at Lets use Chris Hayes Initech as our fictional example Initech has a control (a back door on a loading dock). Now the locks on...
 
Tags: risk management, risk management methodologies, risk management approaches, risk, risk management methodology, risk management models, risk professionals focus, risk analysis, specific
 
 
 
 
Expand article

Vote but Verify

2007-09-07 19:56:11 by Liudvikas Bukys in Liudvikas Bukys
 
...resist posting my disagreement into the comments on his blog, and perhaps I am going to convince him, as he edited out my most provocative snide political shots and left in some of my more reasoned comments As a security person, I must point out that if machines do not produce a reliable auditable record, then all you have is a fait accompli...
 
Tags: all-electronic systems, systems, all-electronic, paper audit trail, all-electronic paperless approaches, security geek consensus, research topic, consensus, nist
 
 
 
 
Expand article

Covert channel vulnerabilities in anonymity systems

2007-12-10 10:39:42 by Steven J. Murdoch in Light Blue Touchpaper
 
...resistant voting systems In the military context, for which multilevel secure systems were designed, covert channels are increasingly eliminated by physical separation of interconnected single-role computers. Prior work on the remaining network covert channels has been solely based on protocol specifications. I examine some protocol...
 
Tags: covert, covert channel vulnerabilities, vulnerabilities, network covert channels, covert channels, channels, covert channel, anonymity systems, systems
 
 
 
 
Expand article

A cryptographic hash function reading guide

2007-11-23 16:01:18 by George Danezis in Light Blue Touchpaper
 
...resistant hash function. It also presents the basic constructions for such functions from block ciphers (too slow for SHA-3), as well as from dedicated compression functions. Chapter 3 also quickly presents Floyds cycle finding algorithm to find collisions with negligible storage requirements If your curiosity has not been satisfied, the...
 
Tags: function, hash functions, cryptographic hash functions, functions, functions secure, design, hash function design, compression functions, secure hash function
 
 
 
 
Expand article

What's your data worth? More importantly, to whom?

2007-10-25 06:49:21 by Steve Riley in Steve Riley on Security
 
...Resist the urge to think about its value to the bad guys when deciding how to secure your data, because if you think your data isn't valuable to anyone else, then you'll probably get the security wrong (that is, you won't have enough If you've got data accessible online, it's valuable to someone -- you! Why else would you put it up? It's...
 
Tags: data, data accessible online, valuable, security, security wrong, opposite approach, approach, bad guys, worth
 
 
 
 
Expand article

Vista SP1: Threat or Menace?

2008-03-22 00:00:00 by HASH0x8473394 in Network World on Security
 
...resist cribbing one of his more famous headlines. Ol' Jonah always had a bad habit of selling short your friendly neighborhood Spider-Man, no matter how much good the webslinger did. Similarly, the long-awaited release of Service Pack 1 for Windows Vista seems to have done little to quiet the grumbling about Microsoft's latest OS
 
Tags: jonah, friendly neighborhood spider-man, jonah jameson, bad habit, service pack, windows vista, famous headlines, daily bugle, similarly
 
 
 
 
Expand article

Got a firewall on your snail-mail mailbox?

2008-04-01 09:27:49 by Editor in Adventures in Security
 
...resist Internet purchases and other activities requiring submission of personal information. Yes, I said misconception. Identity theft due to online participation is only a small part of a larger problem
 
Tags: theft, identity theft due, identity theft, internet, resist internet purchases, electronic