SecurityRatty: tag: interfaces

Is there a better way to design interfaces?

2008-03-26 09:36:20 by HASH0x8b4f62c in StillSecure, After All These Years

...interfaces in one of two paradigms. The GUI kind of look and feel pioneered by Checkpoint or the command line standard that Cisco has made their own. It struck a chord with me because it was actually the second time I have heard the same comment this week alone. In speaking with one of the big analyst firms our own VP of product strategy,...

Tags: security product, security, andrew, gui, andrew grealy, cobia gui, security industry, command line standard, mouse

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...interfaces Voters can connect to unsecured network links in a polling place to subvert eSlates, as well as to eavesdrop on cast votes and to inject new votes. Poll workers can connect to JBCs or eScans over the management interfaces and perform back-office functions such as modifying the device software. The impact of this is that a malicious...

Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle

...interfaces (entry points) that parse and consume this data (e.g. file, network, registry, shared memory parsers). At Microsoft, we view fuzz testing as six distinct stages in which the output of each stage can impact or influence both the current and next iteration through the stages (e.g. after completing analysis work in stage 5 you could...

Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions

FireWire Is the New What? Complex Things Break - Be Aware

2008-03-06 15:26:36 by Posted By: Jay Heiser, Research VP in IT Leaders - Security and Risk Management

...interfaces you stick on a computer, the harder it becomes to control what happens to that computer. The more network services you have, the more remotely accessible things that can break. The more hardware interfaces, and the higher the level of service they provide, the more likely it is that a physical attack can be conducted without the...

Tags: interfaces, hardware interfaces, exploit firewire ports, lie awake, windows machines, complex, physical attack, network services, remotely accessible

Cisco IPS Jumbo Frame DoS

2008-06-18 21:22:45 by Dave Lewis in Liquidmatrix Security Digest

...interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation. Platforms deployed in promiscuous mode only or that do not contain gigabit network interfaces are not...

Tags: gigabit network interfaces, vulnerability, service vulnerability, cisco, jumbo ethernet frames, recover platform operation, kernel panic, article link, power cycle

Minimizing the Attack Surface, Part 2

2008-07-07 21:10:25 by Chris Eng in Zero in a bit

...interfaces, because we know that developers tend to leave extraneous functionality exposed. The resulting findings usually generate reactions such as I didnt even know that servlet had an upload function An Example Heres a close-to-home example related to my post about DWR 2.0.5 from the other day. DWR is an Ajax framework that has a variety...

Tags: dwr-invoker dwr, dwr-invoker, dwr library, dwr, library, security, dwr dispatcher, security posture, point-in-time application profile

On virtualisation

2007-05-29 16:20:00 by Niels Provos in Google Online Security Blog

...interfaces, these should be used with caution in a security sensitive context Treat virtual machines as services that can be compromised Most administrators will take steps to limit the impact of a compromise of a network facing daemon, such as using chroot() or running the daemon as a low privileged user. These same tactics can be applied to...

Tags: machine, virtual machine process, virtual machine software, host machine, host, software, virtual machine, low, low level access

Goodbye IE6

2006-10-17 15:01:13 by Liudvikas Bukys in Liudvikas Bukys

...interfaces: The much-improved BlogLines feed selector, and the very-irritating Yahoo Finance streaming quotes feature (which slows down every refresh even when set to off). That may just be coincidence It does mean theres some serious undiscovered memory corruption going inside IE6 somewhere Its a good time to switch to FireFox and/or IE7

Tags: xpsp sp2 gdr, window contents, window, aggressive javascript interfaces, microsoft internet explorer, firefox andor ie7, bloglines feed selector, memory corruption, render correctly

Want Great Technology? Buy TIBCO (TIBX)

2008-01-18 11:42:27 by Tim Bass in The Complex Event Processing Blog

...interfaces and design-time and modelling environment to make business integration very easy. TIBCOs stockholders, like most great companies with a long history of the same executive management and management style, would greatly benefit from the acquisition Citigroups John Reilly Walsh upgraded TIBCO (TIBX) shares to Buy from Hold based on...

Tags: tibco, tibco spends, ibm buys tibco, tibco culture, tibco employess, oracle buys tibco, sun buys tibco, challenge oracle, oracle

Please Welcome Dr. Rainer von Ammon to The CEP Blog

2008-02-12 13:57:59 by Tim Bass in The Complex Event Processing Blog

...interfaces and component based application development. Before this Rainer was acting as manager of the field Basic Systems at the Mummert + Partner Unternehmensberatung, Hamburg. After finishing his studies of Information Sciences at the University of Regensburg, he started as project leader of Computer Based Office Systems (COBIS) from 1978...

Tags: cep blog, blog, rainer von ammon, rainer, cep, von ammon, sciences regensburg, sciences, generation cep

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo