SEARCH RESULTS
 
Showing 1-10 of 63 records
 
Expand article

Windows Integrity Mechanism: more than you ever wanted to know

2007-07-13 17:49:09 by Steve Riley in Steve Riley on Security
 
A while back, the technology in Vista called mandatory integrity control got a new name: Windows integrity mechanism. Recently the folks responsible for developing the technology have posted a good amount of documentation on it. Read the Windows Vista Integrity Mechanism Technical Reference for all the details
 
Tags: windows integrity mechanism, mandatory integrity control, folks responsible, technology, recently, details, vista, amount, documentation
 
 
 
 
Expand article

Mashup of the Titans

2008-06-25 17:29:25 by Gunnar Peterson in 1 Raindrop
 
...mechanism: Keep the design as simple and small as possible. This well-known principle applies to any aspect of a system, but it deserves emphasis for protection mechanisms for this reason: design and implementation errors that result in unwanted access paths will not be noticed during normal use (since normal use usually does not include...
 
Tags: protection mechanisms, protection mechanisms correctly, information security, information, implements protection mechanisms, information travels, information security people, protection, potential information path
 
 
 
 
Expand article

Sun To Pick Up Java Droppings In Future

2008-08-10 21:27:28 by Editor in Cheap Hack
 
...mechanism has also been improved, using a patch-in-place mechanism that translates in a faster and more reliable update process (the patch in place mechanism will take effect for end users who upgrade from this update release or later to a new update release). As an added benefit, follow-on update releases will no longer be listed as separate...
 
Tags: java, java platform, current java versions, patch-in-place mechanism, mechanism, versions, sun, current users, patch
 
 
 
 
Expand article

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop
 
...mechanisms. Gary McGraw's estimate shows the software security space coming in at $150 Million total, yet we see a company like Checkpoint that won the network security war in 1995 with earnings of around $900 Million! One single network security vendor is 6 times bigger than the entire software security space, in what alternate universe does...
 
Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space
 
 
 
 
Expand article

Benevolent Worms

2008-02-19 06:57:11 by schneier in Schneier on Security
 
...mechanisms are inherently bad, and giving them beneficial payloads doesn't make things better. A worm is no tool for any rational network administrator, regardless of intent A good software distribution mechanism has the following characteristics People can choose the options they want Installation is adapted to the host it's running on It's...
 
Tags: software worms spread, worms, software, bad software distribution, worm, successful worm, beneficial worms, software distribution mechanism, worm quieter
 
 
 
 
Expand article

WordPress 2.5 Cookie Forging Explained

2008-04-25 21:46:49 by Chris Eng in Zero in a bit
 
...mechanism work The advisory describes the structure of the WordPress authentication cookie as follows The new cookies are of the form: "wordpress ".COOKIEHASH = USERNAME . "|" . EXPIRY TIME . "|" . MAC Where: COOKIEHASH: MD5 hash of the site URL (to maintain cookie uniqueness) USERNAME: The username for the authenticated user EXPIRY TIME:...
 
Tags: cookie, wordpress authentication cookie, authentication cookie, cookie integrity bug, hash, hash hmac, user, user identity, maintain cookie uniqueness
 
 
 
 
Expand article

Latest 802.11 Standard Boosts Wi-Fi Power in New Band

2008-06-25 14:01:44 by Glennf in Wi-Fi Networking News
 
...mechanism allows any number of operators to obtain inexpensive licenses, and register the base stations they use by location. If interference arises among base stations, operators are required to work out the problems themselves. I wrote extensively about this band and its rules on 9-May-2008 in profiling Azulstar , formerly a metro-scale...
 
Tags: band, power, wi-fi, ghz band, ghz, equipment, wimax equipment, metro-scale wi-fi firm, power output
 
 
 
 
Expand article

How can we co-operate to tackle phishing?

2008-10-27 12:47:06 by Tyler Moore in Light Blue Touchpaper
 
...mechanism that gives take-down companies the incentive to keep detecting more phishing URLs Here is our stab at devising a suitable sharing mechanism. We propose the creation of a members-only sharing club with compensation for net contributors paid for by net receivers. Take-down companies submit real-time copies of their entire feeds to a...
 
Tags: companies, take-down companies provide, hired take-down company, take-down company, take-down companies, company, feeds, entire feeds, url feeds completely
 
 
 
 
Expand article

Do you trust the merchants to protect your credit cards?

2007-12-11 09:01:26 by Khalid Kark in Security & Risk Management
 
...mechanism and provide the ability to retrieve transactions based on transaction/approval numbers. All point of sale systems would need to be modified to work in the new paradigm. Lastly, the merchants would need to upgrade their software and change their practices to ensure that they are not keeping any sensitive information. All this is...
 
Tags: card industry, card, payment card industry, credit card, merchants, credit card companies, provide merchants, merchants change, security
 
 
 
 
Expand article

Phishers and Malware authors beware!

2007-06-18 14:59:00 by Niels Provos in