SEARCH RESULTS
 
Showing 1-10 of 37 records
 
Expand article

Risk and Culture

2008-05-21 05:19:59 by schneier in Schneier on Security
 
...values, for example, proposing it as a solution to global warming makes persons who hold such values more willing to consider evidence that climate change is a serious risk. Because people tend to impute credibility to people who share their values, persons who hold hierarchical and egalitarian values are less likely to polarize when they...
 
Tags: risk, values, cultural values, hold hierarchical, hold, egalitarian values, hold individualist values, diverse values, national risk
 
 
 
 
Expand article

Auditing open source software

2007-10-08 16:13:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...values pulled out of images being parsed. They are added together, causing a classic integer overflow condition and the bypass of the size check. A subsequent additional integer overflow in the allocation of a buffer leads to a heap-based buffer overflow gunzip . In September 2006, my colleague Tavis Ormandy reported some interesting...
 
Tags: image, malicious image file, libtiff image, values, jpeg image, tiff header values, source, evil tiff file, evil
 
 
 
 
Expand article

Setting file ACLs with PowerShell part 4

2007-11-29 09:34:00 by Keith Brown in Security Briefs
 
...values. But to understand how it works, you'll have to bear with me and learn about type-constrained variables in PowerShell, which is a really cool feature unto itself, and one that I use all the time While PowerShell doesn't support strong typing in the classic sense of a compiler, it does have a feature that allows you to constrain the...
 
Tags: values, invalid enumeration values, enumeration, enumeration values, new-object security, object, powershell, invalid cast exception, cast
 
 
 
 
Expand article

What Does SHA1 is Broken Mean?

2007-12-12 07:35:00 by Eric Marvets in The Security Samurai
 
...values for x is infinite. The hash on the other hand is a fixed size. Therefore, for each value in the range of our hash, there are an infinite number of possible values for x This range of possible values determines the odds of guessing a value x to match a known value f(x). If the size of the hash value was 2 1 , there would be a 50/50...
 
Tags: sha1, choose sha1, sha1 protects, hash data, data, sha1 drops, hash function, hash, function
 
 
 
 
Expand article

Measuring Vulnerability

The Article has images
2008-04-14 14:31:38 by JonesJ in RiskAnalys.is
...values being measured may vary over time (e.g., hurricane wind speed varies throughout the lifetime of the storm, and strength can change throughout the lifetime of a control One or more of the values being measured may vary across a population (e.g., not all hurricanes have the same wind speed When absolute scales apply Warning: This is an...
 
Tags: threat capability curve, capability, human capability, human threat capability, describe control strength, control strength, capability curve, threat community capability, control
 
 
 
 
Expand article

Making Risk Measures Agree with Accounting 100%

2006-12-26 05:27:00 by Jomni in Risk Management Quant
 
...values, etc. In risk measurement, benchmark results are acceptable as long as they are reasonable (where you can see the degree of sensitivity to different types of risks). So what is important in risk measurement is not the valuation of your positions to the exact cent but the model on how this value reacts with different types of risk....
 
Tags: risk, risk software, software, risk measurement, values, exact market values, exact, exact cent, cent
 
 
 
 
Expand article

Logs: Parsing, Tokenizing or Extracting?

2008-03-11 01:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...values [yuck!], XML, etc) to obtain a semblance of structured data (not just a flow of text logs) from logs without any human involvement But is that an endgame, that "holy grail" of log analysis or yet another step towards it? First, bad logs break it (e.g. with space in names or values with spaces and without quotes) and thus call for a...
 
Tags: logs, log analyst, log, convert logs, log management, diverse log sources, text logs, log analysis, bad logs
 
 
 
 
Expand article

Stealing from Bookstores

2008-03-13 13:06:23 by schneier in Schneier on Security
 
...values are commonly understood and roundly agreed upon through word of mouth, and the values always seem to be true. Once, a scruffy, large man approached me, holding a folded-up piece of paper. "Do you have any Buck?" He paused and looked at the piece of paper. "Any books by Buckorsick?" I suspected that he meant Bukowski, but I played dumb,...
 
Tags: piece, folded-up piece, charles bukowski, bukowski, books, paper, book thief, authoritative top, values
 
 
 
 
Expand article

WordPress 2.5 Cookie Forging Explained

2008-04-25 21:46:49 by Chris Eng in Zero in a bit
 
...values match, it fetches the user object corresponding to the username in the cookie, and youre authenticated So how can this be attacked The authentication mechanism assumes that an attacker cannot calculate the HMAC. However, this assumption is broken because the two inputs used to calculate the HMAC (username and expiration) are not...
 
Tags: cookie, wordpress authentication cookie, authentication cookie, cookie integrity bug, hash, hash hmac, user, user identity, maintain cookie uniqueness
 
 
 
 
Expand article

"The Kite Runner" will change how you think about Afghanistan

The Article has images
2008-04-29 11:16:44 by HASH0x8acb904 in StillSecure, After All These Years
...values they believe in and may not be the most religous, but are never the less good people The movie made me think about my role as a father, husband and American. The whole American immigration experience is such a great influence on the world. We have the ability to take people from anywhere and they become Americans. The father in the...
 
Tags: people, afghan people real, muslim world, world, afghanistan, movie tells, movie, kite runner, american view