September 5th, 2008 | By Robert Richardson | No Comments »
That the innermost band is static is a key bit of information you'll need if you're going to win the contest to come up with a clever way to use Cory Doctorow's wedding ring. Yes, wedding ring.
And I'm sort of peeved and affirmed all at once because I've spent really a frightening amount of time futzing with bracelet designs that could be used to generate multiple passwords for Web sites and the like. I ...
Read more..
September 4th, 2008 | By Robert Richardson | No Comments »
Holy cow -- it seems like we just posted episode 1. Um, and we did. But here's another one.
In this one, senior editor Sara Peters answers Robert's questions about what keeps her awake at night, at least with regard to virtualized data centers.
Program Notes:
Our guest: CSI Senior Editor Sara Peters.
The virtualization aggregator site is: virtualizationfeed.com
The real-life Chrome characters appear at: http://www.youtube.com/watch?v=JGmO7Oximw8
Read more..
September 4th, 2008 | By Sara Peters | No Comments »
We're already painfully well-acquainted with data security regulations that mandate that data and data storage devices be properly destroyed at the end of their lives.
But, guess what? You may already have new regulations to comply with: e-waste laws, which demand that your data storage devices be destroyed in a green, environmentally friendly way. So some of the old, effective, but somewhat barbaric ways you've used to destroy storage hardware before (like incineration, or bashing things ...
Read more..
September 3rd, 2008 | By Robert Richardson | No Comments »
Gah, still struggling with the presentation end of things, but you can get at episode one here. If I don't go ahead and post this, episode two will be up before episode one. Which seems wrong. Bear with me.
Anyway, this episode features a short discussion with Brad Smith, director of the Computer Institute of the Rockies, on the subject of BGP vulnerabilities. He agrees that ...
Read more..
September 2nd, 2008 | By Robert Richardson | No Comments »
Well, I had a cool little video chat today with Brad Smith, director of the Computer Institute of the Rockies. I wanted to get his take on how big a deal this whole BGP vulnerability thing is. The interview was supposed to wind up on the site today as the first episode of a Security Provoked video series... but life is never simple, is it. Although we're using what might be described as the coolest ...
Read more..
September 2nd, 2008 | By Sara Peters | No Comments »
Much to my nerdy delight, we hereby announce that the Payment Card Industry Security Standards Council will be holding a town hall meeting on the evening of Nov. 18, during our upcoming conference, CSI 2008: Security Reconsidered, in Washington, D.C. Bob Russo, general manager of the PCI Security Standards Council, and Troy Leach (CISSP, CISA), technical director of the PCI Security Standards Council, will be on hand to answer your questions and ask a few ...
Read more..
September 2nd, 2008 | By Kristen Romonovich | No Comments »
CSI members can follow the links below. If you are not yet a member and would like access to these articles, visit our CSI membership page to become a member.
Trust Your Endpoints to Trusted Computing
Though not a cure-all, it is a boon to endpoint security efforts. So why aren't you using it?
Defense Department Mandates That TPM Chips Be in All Devices
Who Makes Changes to the Trusted Computing Base?
Policy: If a trusted computing base (TCB) has ...
Read more..
September 1st, 2008 | By Robert Richardson | 1 Comment »
CSI members already know that we're migrating our documents to online formats. This is in part to be green (Robert inserts appropriate self-backpat here), but also because I believe that there are gains to be had in making much of what we do more--for lack of a better term--Web-Two-Oh-y.
I'll be the first to say that I don't know entirely what that means, but it does mean that CSI content will be increasing driven more ...
Read more..
August 31st, 2008 | By Robert Richardson | No Comments »
I don't have time--I have to be strong and keep telling myself that--but boy am I tempted to delve into the whole world of reverse engineering malware. I got dinged yesterday by this bit of creative malware genius that loads an "MS Antivirus" program on your machine. It jumps up pretty much as soon as you start using your Internet Explorer Browser (not Firefox, as far as I could tell) and looks for all the ...
Read more..
August 27th, 2008 | By Kristen Romonovich | No Comments »
Carnegie Mellon University researchers have released an extension for Firefox 3 that can protect wireless network users from man-in-the-middle browser attacks. The software called Perspectives is available as a free download. The software is open-source, so email the researchers if you would like to write code, run a notary or design GUIs.
When accessing a Web site, your communication is vulnerable to a man-in-the-middle browser attack. Unless you are able to securely verify the server, you ...
Read more..
The CSI View
Subscribe