Sunday, December 17, 2006

Weekend Reading

Are you my friend? Yes or No?

Social network sites like Friendster and MySpace are constructed in a way that requires people to indicate relationships or ‘friendships’ with other participants. Is an articulation of friendship equivalent to friendship? This paper challenges that assumption.

Read the article HERE.


==================================================================
Microsoft's new identity: secure OS vendor?

In preparing my most recent book, Windows Vista Security: Securing Vista Against Malicious Attacks (Wiley), co-authored with Dr. Jesper Johansson, I’ve counted more than 180 new security improvements and features in Vista. I’ve been developing a PowerPoint presentation on it, and it’s already exceeded 220 slides (and I’m only a third of the way done).

Talk to the many professional hackers that Microsoft has invited to test and strengthen Vista. Hundreds of internal and external hackers gave it their best whacks. A few succeeded in finding new exploits (or in re-finding old exploits). But ask any of them what they think of Microsoft’s new OS, and all will tell you it’s a lot harder to hack than its predecessor.


Read the article HERE.


==================================================================
Teen hacker 'a very clever boy'

A New Zealand teenager who was sent on a computer training course as part of a police rehabilitation program has admitted to hacking into internet banking accounts and stealing nearly $NZ50,000.

[ We have read many stories like this before, but the frightening aspect for me is this comment from an official - "It's very concerning that someone can basically sit at home and get everything off the internet and do what they want". As mentioned before, those of you who read this blog are probably amazed at a comment like this. But the sad fact is that he is not in the minority. Most computer users don't have a clue about how dangerous the Internet now is. Perhaps it's time to issue a pamphlet with every computer purchase [federally funded?] warning new users of these dangers. ]


Read the article HERE.

==================================================================
Web Is in Grave Danger

My first warning is about AJAX. It will be at the center of two major events in the year 2007. The first problem will come from AJAX's power to allow developers to create rich multimedia Web sites and applications. During 2007, developers will go so far overboard with AJAX sites that the entire World Wide Web will be forced to its knees.

Read the article HERE.


==================================================================
Signature Scanning: 'I'm Not Dead Yet'

Signature-based scanning may not be exciting, but it's a fundamental and useful part of computer security. There's no question that conventional anti-virus protection has become boring, as well it should be. There should be nothing exciting about it. But I think it goes over the top to say that it's "dead." "Commoditized" might be a better word.

Read the article HERE.

==================================================================
Not Much Resistance at the Door

Websites are as vulnerable as ever, according to a survey of Web application security professionals who test sites for security holes. The survey, conducted by researcher Jeremiah Grossman on his blogsite, polled more than 60 security pros, 63 percent who work for vendors or consultants, 23 percent for enterprises, 5 percent for government, and 10 percent for other types of organizations. These are the guys in the trenches who hammer on Websites regularly -- 53 percent said all or almost all of their job is dedicated to Web app security (versus development, general security, and incident response); 28 percent said about half; and 20 percent said "some."

Read the article HERE.
