SecurityRatty: tag: trustworthy

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...trustworthy election process. There have been some well chronicled examples of elections with extremely close results, where the winners margin of victory was perhaps smaller than the election systems margin of error. The term Hanging Chads , from the 2000 U.S Presidential election , is now part of the American vocabulary, and locally here in...

Yet another benefit of executive support for SDL...

2007-11-15 23:04:00 by sdl in The Security Development Lifecycle

...Trustworthy Computing group provides value (IMHO) well beyond the primary goal of protecting customers - the whole is truly greater than the sum of the parts The people in our group have a lot of ideas about how to make our security efforts more effective - "smart," "practical," "wild," or "extraordinary" are all reasonable adjectives to...

Tags: community, security researcher community, security, security tools, security efforts, security tool development, windows security assurance, security science team, team

Show 006 - An Interview with Michael Howard

2006-09-28 20:11:47 by rmacmich in The Silver Bullet Security Podcast

...Trustworthy Computing Initiative at Microsoft. Gary and Michael also discuss the security features of Windows Vista and Michaels recommendations for the two most important best practices when developing secure software. Listen for a startling revelation about Michaels choice of a desert island book Michael Howards blog Writing Secure Code by...

Tags: michael, michael howard, michael continues, michael howards blog, desert island book, desert island, security features, features, trustworthy

REAL ID continues to have 'real' challenges

2007-06-18 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...trustworthy authentication of individuals for purposes such as boarding a plane

Tags: real, fraudulent driver, additional food, subsequent legislation, identity card, false identification, trustworthy authentication, recommendation, law

Show 010 - A Panel Discussion with Fortify Softwares Technical Advisory Board

2007-01-22 19:59:59 by rmacmich in The Silver Bullet Security Podcast

...trustworthy computing Greg Morrisett , Professor at Harvard, dependant type theory Matt Bishop , Professor at UC Davis, computer security Dave Wagner , Professor at Berkeley, software security and electronic voting A complete transcript of this podcast will be available soon from Fortify at http://www.fortify.com/silverbullet

Tags: software security, software security pedagogy, security, computer security, security products trainer, professor, static analysis tools, static analysis, tenable network security

Locked Call Boxes and Banned Geiger Counters

2008-01-18 07:44:31 by schneier in Schneier on Security

...trustworthy citizens nearby What happened when Lee made his request is not clear. Only one fact emerges from the confusion: No alarm was registered from any box in the vicinity of the fire until it was too late to do any good Apparently, Lee said that Goll refused to give him the key because he'd already seen a fire engine go past; Goll said...

Tags: boxes, false fire alarms, fire, fire alarms, false alarms, prevent false alarms, alarm boxes, alarm, chicago fire

New faces and predictions for the New Year...

2008-01-22 22:11:00 by sdl in The Security Development Lifecycle

...trustworthy software. Hence, Microsoft will be responsible for a smaller overall percentage of vulnerabilities in 2008. Ideally, I wish the overall NVD vulnerability count would decrease as an absolute number, as that would be an indicator that the industry as a whole was improving. Unfortunately, I don't think this will be the case Adam...

Tags: sdl team, team, sdl, sdl blog crew, cve, cve vulnerabilities, microsoft, single prediction, microsoft products

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security

...Trustworthy Computing Group, Microsoft Corporation originally published at http://www.microsoft.com/technet/community/columns/secmgmt/sm0208.mspx Ive met thousands of IT pros during my years speaking at conferences around the world. And if theres one thing thats true for all of us its that all IT pros become support professionals for their...

Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site

What can CISOs learn from the Societe Generale debacle

2008-02-19 09:17:17 by Khalid Kark in Security & Risk Management

...trustworthy, trusting your privileged users is not a defense that will hold in any court. You have to design security systems based on the assumption that every user is a malicious user Policies without implementation are worse than not having policies. Im sure Societe Generale had a policy of not sharing passwords and mechanisms to encrypt...

Tags: security, formal security strategy, societe generale, security technology, external security challenges, implement security, access, security products, access users

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle</

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo