-
The human aspect of security
The weakest link in security is humans. This is both good (a system whose weakest link isn’t the technology means you have succeeded from a technological standpoint) and bad (because you must learn new skills to try to mitigate the new threat). A couple of days ago I downloaded the Ubuntu 8.04…
-
The problem with amateur crimefighters
I wish to preface this with the fact that I am a deep believer in cooperation and data sharing. Also, I really appreciate the work that volunteers put into maintaining different resources (like the excellent CastleCops forums). But you have to remember that these people are not professionals and sometimes don’t have a complete understanding…
-
Web Application Firewalls – are they useful?
I was looking through a presentation by .mario about PHPIDS (embedded below for your convenience), which got me thinking about Web Application Firewalls (or WAFs for short). Currently I don’t see very much value in WAFs. My way of thinking goes something like this – there are two types of web applications you might run…
-
A (not so new) technique for breaking databases
There is a joke which goes something like: those who know how to do it, do it. Those who don’t, teach it. Those who don’t even know how to teach it, supervise it. Sadly this is true for many tech journalists who make up sensationalized titles both because of lack of comprehension and because they have…
-
Why prevention (rather than cure) is a must for the malware problem?
Lately I have seen a movement towards the idea that you can’t prevent security problems, so you should do your best to detect and eliminate them. While I agree with this in the general sense, it is clear that a very strong tendency in malware evolution nowadays is to make it both as stealthy as…
-
Race to Zero
Disclaimer: I work for a security company. This post (and all others, unless marked explicitly otherwise) represents my own opinions and does not necessarily reflect the views of my current or past employers. As expected, the announced Race to Zero competition has raised quite a stir, similar to the test performed by ConsumerReports. Here are…
-
Think Vitamin compromised?
I’m pretty sure I was not hallucinating… Earlier, when I was reading Developing with Google App Engine, Part I in my RSS reader, I noticed some spammy links at the end of the article (the kind offering free stuff). I visited the original page, and sure enough, there it was. It all seems to be…
-
Windows XP High-Security Configuration
Update: I found out that SRP has some rather nasty limitations (including the ability to circumvent it even as a limited user) which make it much less effective than I initially thought. I still think it is very useful, but please read the linked article and make your own judgement call. As I mentioned in a…
-
Google spam – aka I’m back
My workload has lightened a little and hopefully I can continue to blog more frequently. But enough of this, let’s get to our main subject: recently I’ve been seeing a growing amount of spam which links to Google instead of the spam site. The idea is (probably) to avoid filters which check the link targets…
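The evasion described above works because a naive filter only looks at the literal host of each link. The following is an added example, not code from the original post: it assumes (the post only says the links point at Google) that the spam wraps its real destination in a Google redirect URL of the form https://www.google.com/url?q=<target>, unwraps such links syntactically before checking the destination host, and contrasts that with a filter that checks the literal host. The blocklist and the sample messages are constructed for the demo.

```python
"""Unwrap redirect-style links before applying a link-target filter.

Added example, not from the original post. Assumption: the spam uses a
Google redirect URL (https://www.google.com/url?q=<target>) to hide the
real destination. The blocklist and messages below are constructed.
"""
import re
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample blocklist of known spam hosts.
BLOCKLIST = {"spam.example", "pills.example"}

# Hosts whose /url?q=<target> endpoint we treat as a redirect wrapper
# (assumed redirector format; extend for other redirectors as needed).
REDIRECT_HOSTS = {"google.com", "www.google.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def unwrap(url, max_depth=3):
    """Strip redirect wrappers without touching the network.

    Wrappers may be nested, so loop up to max_depth times and stop at the
    first URL that is not a recognised wrapper.
    """
    for _ in range(max_depth):
        parts = urlparse(url)
        if parts.hostname in REDIRECT_HOSTS and parts.path == "/url":
            params = parse_qs(parts.query)
            target = params.get("q") or params.get("url")
            if not target:
                return url
            url = unquote(target[0])
        else:
            return url
    return url


def final_host(url):
    """Host of the link after unwrapping, lower-cased ('' if unparsable)."""
    return (urlparse(unwrap(url)).hostname or "").lower()


def naive_is_spam(message):
    """Checks only the literal host of each link: wrapped links slip through."""
    return any((urlparse(u).hostname or "").lower() in BLOCKLIST
               for u in URL_RE.findall(message))


def is_spam(message):
    """Checks the destination host after unwrapping redirectors."""
    return any(final_host(u) in BLOCKLIST for u in URL_RE.findall(message))


if __name__ == "__main__":
    # Constructed sample message using the assumed redirect format.
    wrapped = ("Cheap stuff here: "
               "https://www.google.com/url?q=http%3A%2F%2Fspam.example%2Fbuy&sa=D")
    print("naive:", naive_is_spam(wrapped))   # False: only sees google.com
    print("unwrapped:", is_spam(wrapped))     # True: sees spam.example
```

The syntactic unwrap handles the case the post describes, but a production filter should also treat the count of redirector links as a signal and, where affordable, follow HTTP redirects server-side, since a redirector can hide the destination in a database rather than in the query string.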
-
Vulnerabilities and hype
Take some vulnerabilities, don’t investigate the conditions which are needed to exploit them, and you get good old-fashioned security hype. The gist of it: there are some flaws in the ActiveX controls VMWare installs. The possible attack scenario for these vulnerabilities looks like this: The user has VMWare (or VMWare Disk Mounter for…