SEARCH RESULTS
 
Showing 1-10 of 278 records
 
Expand article

MSSP and NAC - true love or lust?

2008-05-22 10:51:56 by HASH0x8b2d488 in StillSecure, After All These Years
 
A recent edition to the Security Bloggers Network (over 50,000 combined subscribers strong now!) is Grant Hartline, CTO of Mirage Networks, Mirage blog . Mirage is a competitor of StillSecure in the NAC marketplace, sometimes (actually we don't run into them very often) but I was happy to see them join the SBN. I have certainly taken shots at...
 
Tags: nac, nac service, traditional nac, mssp, nac marketplace, mirage, service, mirage blog, mirage networks
 
 
 
 
Expand article

Null Strings in ASP.NET Declarative DataSource Updates

2008-08-29 15:42:47 by keith-brown in Security Briefs
 
I just spent about 15 minutes debugging a problem where a document was getting unexpected nulls where empty strings should have been. Indeed controls like the TextBox have code in them that allows you to set the Text property to null and the TextBox will convert that into an empty string. So it's a bit counterintuitive that the declarative data...
 
Tags: strings, declarative data source, empty strings, null, empty, xml schema designs, textbox, text property, nulls
 
 
 
 
Expand article

Review of My 2007 Security Predictions: Too Wimpy

2007-12-23 15:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
It is time to check how my last year's predictions ( My Security Predictions for 2007 ... Go! ) fared. I am shocked that many of my colleagues looooove to predict, but seem to shy away from reviewing them in the end of the year ( big ego - small 'you know whats So, one liner summary of status of my 2007 predictions : they were too wimpy. In more...
 
Tags: status check iii, status check, status check viii, security, security predictions, status check vii, check, predictions, status
 
 
 
 
Expand article

Better exception reporting in ASP.NET part 2

2008-08-04 14:11:14 by keith-brown in Security Briefs
 
This is the third post in a series The first post described the problem: ASP.NET wasn't reporting inner exception stack traces The second post described my solution This post shows the code I used to solve the problem: a custom email provider for the Health Monitoring system in ASP.NET. Enjoy Here's the provider. Note that I opted *not* to build...
 
Tags: return, return subjectbuilder, return formatter, exception, formatter, crazy formatter, static void, static void emitprocessinfo, return null
 
 
 
 
Expand article

My 2008 Security Predictions!

2008-01-09 15:42:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
I just have to start with this quote from Rich Mogul : "... Legions of armchair futurists slobber over their keyboards, spilling obvious dribble that they either predict every year until it finally happens or is so nebulous that they claim success if a butterfly flaps its wings in Liechtenstein." :-) Amen to that, Rich. Onwards to my 2008...
 
Tags: security, security predictions, broader information security, information security, smb security, virtual security appliances, security market, security solutions, security software
 
 
 
 
Expand article

Third Parties Controlling Information

2008-02-27 05:46:46 by schneier in Schneier on Security
 
Wine Therapy is a web bulletin board for serious wine geeks. It's been active since 2000, and its database of back posts and comments is a wealth of information: tasting notes, restaurant recommendations, stories and so on. Late last year someone hacked the board software, got administrative privileges and deleted the database. There was no...
 
Tags: regularly disappear, regularly, disappear, position papers disappear, web bulletin board, web, information, entire websites disappear, internet
 
 
 
 
Expand article

The Ethics of Vulnerability Research

2008-05-14 11:29:45 by schneier in Schneier on Security
 
The standard way to take control of someone else's computer is by exploiting a vulnerability in a software program on it. This was true in the 1960s when buffer overflows were first exploited to attack computers. It was true in 1988 when the Morris worm exploited a Unix vulnerability to attack computers on the Internet, and it's still how most...
 
Tags: software security experts, software, vulnerabilities nurtures, vulnerabilities, exploitable vulnerabilities, vulnerabilities lie dormant, security vulnerabilities, computer, computer security experts
 
 
 
 
Expand article

Iowa DNR loses personal information on 7,000

The Article has images
2007-12-19 14:22:00 by Evan Francen in The Breach Blog
Technorati Tag: Security Breach Date Reported 12/11/07 Organization State of Iowa Contractor/Consultant/Branch Department of Natural Resources (DNR Salem Associates Victims Waste water and drinking water worker permit applicants Number Affected 7,000 Types of Data Applicant data including names, addresses, phone numbers, and Social...
 
Tags: iowa dnr, iowa, iowa dnr decides, iowa dnr lost, iowa department, dnr, computer flash drive, drive, information
 
 
 
 
Expand article

Oak Ridge National Laboratory visitor information exposed

The Article has images
2007-12-11 13:45:21 by Evan Francen in The Breach Blog
Technorati Tag: Security Breach Date Reported 12/3/07 Organization UT-Battelle, LLC Contractor/Consultant/Branch Oak Ridge National Laboratory (ORNL Oak Ridge National Laboratory (ORNL) is the Department of Energy's largest science and energy laboratory. ORNL was established in 1943 as a part of the secret Manhattan Project to pioneer a...
 
Tags: information, personal information, security, store social security, retrieve information, regular information security, security systems, cyber-security issues, security breach