-
Mixed links
Via Deb-Tech: Security Watch Revisiting the 10 Immutable Laws of Security, Part 1. Very good post, definitely worth reading, I can’t wait for part 2 and 3. From the same author: Help: I Got Hacked. Now What Do I Do?. While you’re there, you can refresh your memory by reading the original 10 Immutable Laws…
-
Stepping beyond the vendor-centric security solution
Even these days too many organisations have a “one silver bullet solution” mentality when it comes to IT security. Most often the software presented as solution is an AV package. However, I argue, this is far from sufficient and the better solution would be to have experienced and knowledgeable people implement and maintain a multi-layered…
-
Controlling people or giving them what they want?
It is incredible. Despite the efforts of the RIAA (EMI, Sony, Universal and Warner) or the MPAA (Sony, Walt Disney, Paramount, 20th Century Fox, Universal and Warner) their content can be found fairly easily on the “intertubes”. And you don’t even have to download torrents or ther such “advanced” things. There are a plethora of…
-
Security Maxims
Via Bruce Schneier: security maxims. Update: at the request of the original author I removed the embedded version. Please follow the link provided above to view the presentation (it is available free of charge and without registration). Some of my favourites: The confidence that people have in security is inversely proportional to how much they…
-
Antivirus survey
Via the Sunbelt blog: Marco Giorgini, a grad student, has been working on his thesis on consumer perceptions of antivirus software. Take the survey if you are so inclined. The interesting aspect of it is that it wants to gauge the motives behind the user’s decision to buy a certain product. More information can be…
-
Dynamic code generation in PHP
As in most scripting languages, you can dynamically generate code in PHP. As a sidenote: the reason why it is so simple to implement dynamic code in scripting languages is that you already have the “eval” function (it is called with the script), all you have to do is to provide an interface to it…
-
Interesting videos
Via Tim Bunce’s blog: “The greatest shortcoming of the human race is our inability to understand the exponential function” – by Dr. Albert Bartlett Applying risk management:
-
Creating gradients in PHP
A few days ago I was looking around for methods to calculate color gradients in PHP. Nothing I found seemed to fit (most of them were centered around creating pictures with GD), so I decided to roll my own. You can see the code below. There is a small test script attached to the end,…
-
Mixed links
An older ISC blog entry about signs that you have been compromised. It should be a must-read for anyone administering websites, even if s/he is doing it as a hobby. Not doing so can make you a launchpad for malicious activities. An other ISC blog entry points to a paper about fast-flux DNS and a…
-
fortitudehosting – an other “get rich quick scheme”
A few days ago I received the following email: Hi my name is Jeff and I came across your page http://hype-free.blogspot.com/2007/03/month-of-php-bugs-started.html which would be great for a text link to my client, a web host certifier. What I am looking for is a small text link, web hosting, and if you keep it for at…