SEARCH RESULTS
 
Showing 1-10 of 50 records
 

An Option with a Negative Value?

2006-07-28 08:38:00 by Jomni in Risk Management Quant
 
A recent post in the Wilmott forums asked "Can an option have a negative value?" Conceptually, an option with a negative value does not make sense. A negative value means that the option seller (writer) pays the option buyer. This results in a "free lunch" as described by one of the posters (waiter222). The option buyer will always win out in...
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
Scott Lambert here. I work on the Security Engineering Tools team where we're responsible for researching, developing and publishing tools to internal product and service teams. These include fuzzing, binary analysis and attack surface analysis tools. Previously, James Whittaker posted a blog entry on Testing in the SDL in which he mentioned that...
 
 
 
 
 

More on Fallacy #4

2008-05-16 13:04:06 by Gunnar Peterson in 1 Raindrop
 
Steve Jones on Rest and Distributed Computing Fallacies: One of the objections I've had about REST for a while is that it appears to ignore Deutsch's fallacies of network computing: 1. The network is reliable 2. Latency is zero 3. Bandwidth is infinite 4. The network is secure 5. Topology doesn't change 6. There is one administrator 7. Transport...
 
 
 
 
 

The asymmetry of data loss - data thief has an upper hand

2008-10-01 06:33:22 by RaviC in Musings on Information Security
 
I read this awesome book by Dan Geer, Economics and Strategies of Data Security. This gave me structure for my thoughts about a complex topic such as data security. When a data owner's (a business) sensitive data is breached it is difficult to quantify the monetary loss. According to respectable survey sources, the average cost of sensitive data...
 
 
 
 
 

ARCO gas pumps targeted by fraudsters

2007-12-27 13:58:30 by Evan Francen in The Breach Blog
Technorati Tag: Security Breach. Date Reported: 12/12/07. Organization: ARCO. Contractor/Consultant/Branch: Station located at 4378 N. Santa Anita Avenue, El Monte, California. There are 135 ARCO gas stations within a 10 mile radius. Victims: ARCO Customers. Number Affected: As many as 100. Types of Data: Debit card magnetic stripe data and PINs...
 
 
 
 
 

When Will the Media Industry Embrace the BORA Principle?

2007-03-22 10:06:00 by Eric Marvets in The Security Samurai
 
I was reading the WSJ this morning and came across an op-ed piece entitled Congress Must Make Clear Copyright Laws to Protect Consumers written by Walter S. Mossberg. I enjoyed the article and especially liked his fair use comparison between print and video (you can reprint a small section of a publication in another without permission, yet you...
 
 
 
 
 

Cyber Jihadist Hacking Teams

2007-12-17 20:03:29 by HASH0x847073c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
These groups and fractions of religiously brainwashed IT enthusiasts utilizing outdated ping and HTTP GET flooding attack tools, represent today's greatly overhyped threat posed by the cyber jihadists whose cheap PSYOPS dominate, given the lack of strategical thinking, and the lack of sustainable communication channels between them, ruined all...
 
 
 
 
 

Malware Serving Online Casinos

2007-11-29 16:37:13 by HASH0x8968208 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Don't play poker on an infected table part two. The following three online casinos are currently serving embedded malware in the form of IFRAMES and the average javascript obfuscation. The first one is poker.gagnantscasino.com (213.186.33.4) with current obfuscation loading statistics-gdf.cn/ad/index.php (116.0.103.133) where another obfuscation...
 
 
 
 
 

Security is not all about Security Updates

2007-12-17 12:58:00 by sdl in The Security Development Lifecycle
 
Hi, Michael here. I'm always asked "How can you claim the SDL is working when Microsoft still issues security updates?" So I want to make sure people understand the goals of the SDL and perhaps more importantly, the non-goals. There are three major security-related disciplines here at Microsoft and people outside the company often confuse the...
 
 
 
 
 

SQL injection compromises MLSgear.com customer information

2008-02-11 09:27:06 by Evan Francen in The Breach Blog