SecurityRatty: tag: root

Orphaned Symantec Root Certificates

2007-08-02 15:12:18 by Editor in Cheap Hack

...Root Certificates dialog on one of my Vista systems and noticed something odd. The selected certificate is one of two Symantec certificates. Three things are of interest, and you can see the first two in the picture: The purposes for the certificate are " ". Usually certificates are listed as being used for a more limited set of purposes,...

Tags: symantec, symantec products, system unstable, symantec loans, system, norton removal tool, expect normal users, vista systems, sign malware

Threat modeling and root cause correction

2008-03-26 10:46:41 by Editor in Adventures in Security

Threat modeling is a good way to understand how an attacker can potentially reach his intended target. Using attack trees, analysts identify paths to the target and efficient ways to block an attacker's progress. The best block is to eliminate root cause. Microsoft apparently missed this piece

Tags: threat, microsoft apparently, target, attack trees, root, block, attacker, piece, reach

Enabling hierarchical nant builds

2008-03-07 05:49:00 by Keith Brown in Security Briefs

...root build script is what gets run automatically by Cruise Control My root script defines a bunch of properties, like where the output directories for the overall build live, where the tools live, and so on. And that works fine when I run the build from the root. The properties get defined, all the child scripts are run with tasks, and they...

Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return

Enabling hierarchical nant builds

2008-03-07 12:49:00 by keith-brown in Security Briefs

...root build script is what gets run automatically by Cruise Control My root script defines a bunch of properties, like where the output directories for the overall build live, where the tools live, and so on. And that works fine when I run the build from the root. The properties get defined, all the child scripts are run with tasks, and they...

Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return

Enabling hierarchical nant builds

2008-03-07 12:49:00 by keith-brown in Security Briefs

...root build script is what gets run automatically by Cruise Control My root script defines a bunch of properties, like where the output directories for the overall build live, where the tools live, and so on. And that works fine when I run the build from the root. The properties get defined, all the child scripts are run with tasks, and they...

Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return

On virtualisation

2007-05-29 16:20:00 by Niels Provos in Google Online Security Blog

...root (or equivalent) privileges in the guest to interact with a device at the low level required, device drivers will often offload the parameter checking required onto the hardware, so in theory an unprivileged attacker could be able to access flaws like this by simply interacting with the regular API or system call interface provided by the...

Tags: machine, virtual machine process, virtual machine software, host machine, host, software, virtual machine, low, low level access

The cost of a code signing certificate

2008-01-17 07:31:00 by Keith Brown in Security Briefs

...root certificate on your computer It's not just ease of use that I'm worried about here though. What's it mean to ask your customer to install a CA certificate into her trusted root store? I'm thinking of a nontechnical person like my mother - what's she going to think when she's asked to approve something that looks like this (the dialog...

Tags: code, cheap, cheap code, cert, root store, root, philosophical question, issue, install

Turns out John found a bargain

2008-01-17 10:35:00 by Keith Brown in Security Briefs

...root store and didn't find anything by Comodo. I guess I should have looked more closely. There it is Apparently John's found an excellent deal . It turns out that the trusted root cert he had to install was only for the *purchase* of the certificate. It's odd that Comodo didn't use their established trusted root to issue the SSL cert for...

Tags: root, root cert, root store, ssl cert, excellent deal, cert costs, apparently john, mea culpa, comodo

The Checklist

2008-02-07 20:14:00 by Security Retentive in Security Retentive

...root cause analysis in many cases (though not all) to understand the general cause of death, though when there is an infection for example we don't always get to root cause One result of this sort of tracking, is that it occurs within a regulatory framework where hospitals must report their incident rates publicly, and there are agencies...

Tags: secure, develop secure software, software, software development organizations, health, health care delivery, security, checklist, software development world

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo