How to Detect a Hacker Attack
I read an article called that way but then had to realize that it did not really address, what I expected. Why? Well, because it does not cover the key challenge in my opinion but…
DetailsWhat is More Important to You? Privacy or Safety?
This discussion is very old: How much privacy are we willing to give up to help to fight crime. This discussion has to be held in a society. The FBI just kick-started it again in the US.
DetailsCustomer Experience: Security Can Improve in the Cloud
Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences. What I like is, that a lot of the items I was recently raising, where actually reflected in quotes by customers of Cloud providers as well as by the general findings of the study.
The final conclusion is to me that there are a lot of security benefits moving to the Cloud.
Support and OpenSource
I know that I am not an OpenSource expert and to be completely clear: I do not want to complain at all but I would definitely think whether I would bet my company’s business processes on it… Let me give you my story
DetailsStuxnet: Future of warfare? Or just lax security?
What is your view?: Stuxnet: Future of warfare? Or just lax security?
Roger
The Value of Twitter–Revisited
Actually I had a few very interesting discussions lately as a reaction on my post Is There Any Value in Twitter? Yes? Think Again… and I think Thibaud brought it to the point: Mass-follow is the “problem†– in other words me . I had thought about getting out of Twitter but I will get…
DetailsReal Men Don’t Buy Girls
There was a press conference yesterday to launch the “Real Man” campaign to raise awareness about the problem of child sex slavery. You should listen to the press conference – if you can cope with it…
DetailsMicrosoft Security Essentials free for small businesses
I know that this is “old news†but I wanted to make sure that everybody has seen that: We will make Microsoft Security Essentials available for small business for free. Small businesses are up to 10 PCs. This is great news as a lot of small businesses do not use Anti-Malware Software and do not need any central management.
DetailsThe Risks of Pirated Software
Obviously I do not like people to steal software. Additionally, from at least two perspectives it adds security risks: People are less likely to patch and pirated software often comes wit pre-installed malware, which is then hard to detect. There is just such a case now with the iPhone: Fake iPhone jail-breaking tool packed with…
DetailsInfosecurity Virtual Conference
The cloud – and now I mean the volcano cloud – showed that there is not always a real need to travel far in to get the right information at an event of conference. I delivered a keynote via LiveMeeting (Virtual Keynotes – Do we always have to travel?) during the time the planes were…
DetailsInterpol’s Chief’s Facebook Identity Stolen
This is one of the risks, not a lot of people look into: It is fairly easy for me to setup a Facebook account in another person’s name. This is what happened to Ronald K. Noble, head of Interpol: Interpol Chief Ronald K. Noble Has Facebook Identity Stolen.
Roger
Is a “Zero-Trust” Model the Silver Bullet?
I was reading an interesting article: Forrester Pushes ‘Zero Trust’ Model For Security, where they mainly claim that you should not trust your internal network – something I am asking for since a long time. However, the conclusions Forrester and me are drawing are slightly different. John Kindervag – the person quoted in the article…
DetailsAdvisory for the ASP.NET Vulnerability
We are basically asking the industry to follow a Coordinated Vulnerability Disclosure and are therefore not in favor of public vulnerability disclosure as it puts the industry unnecessarily at risk. Recently there was a vulnerability in ASP.NET publically disclosed. We released an advisory and you should look into implementing the suggested workaround: Vulnerability in ASP.NET…
DetailsIs There Any Value in Twitter? Yes? Think Again…
I am tweeting since quite a while but the click-through rate is below 0.1%. Why is this the case? Is there actually any value of Twitter or is it just a system, which is taking care of it itseld?
Details“Chat with me” works again!
Quite a while ago, I implemented the possibility for people chatting with me via MSN Messenger on the web. I actually created a web-page to do so: Chat with me! I made a mistake, when I changed my LiveID. The bug is fixed.
DetailsMost Popular Usernames and Passwords
No clue what the source is but if they are right, it is scary: DRG SSH Username and Password Authentication Tag Clouds
Roger
Interesting Discussion on Social Media
Recently, we had an interesting discussion on Social Media. It actually all started with somebody sending a link around called http://pleaserobme.com/ to see who actually just said that they are not at home – information which can easily be gained through Twitter search.
DetailsThe Risks of Unofficial Patches
As soon as zero-days appear on the Internet, two things happen: Somebody publishes an exploit and somebody else an unoffical patch. How trustworthy are such updates? How should you handle them? It is all about risk management!
DetailsUsing Facebook to Promote an Event – Lecture in Johannesburg Next Week
I am just preparing my trip to South Africa next week. Our Chief Security Advisor in South Africa, Khomotso Kganyago does an outstanding job keeping my busy. He put together a great agenda – I just hope I can cope with everything he is expecting from me. Part of it is a public lecture at…
Details