Perimeter Grid
Building Security in a Networked World
- Last build:
- Language:
- en
- Feed URL:
- http://feeds.feedburner.com/PerimeterGrid
RSS FEED IDEMS: Perimeter Grid
- How to Get a Job in Information Security
Don Parker at SecurityFocus has an article called Skills for the Future about how to get a job in information security. He outlines one path, and while I don’t deny it’s a good one, and probably the most common, it’s not the only way, either. There are quite a few different areas of specialization within [...]
Fri, 01 Feb 2008 01:27:15 +0000 - Semi-Electronic Bank Robbery
The AP has a story about an electronic bank robbery foiled when a bank employee pulled the plug on the robbers’ network connection. Apparently the robbers had gained physical access to the employee’s workstation at some point, and installed “advanced technical equipment” underneath the desk to remotely control the computer. I would guess that the “advanced [...]
Wed, 30 Jan 2008 18:14:26 +0000 - …Or Maybe They Do
On further investigation, it turns out that there is a reason for the DRM protection on Qtrax downloads… it’s just not to prevent piracy. When a Qtrax-downloaded file is played, the WMA licensing notifies Qtrax of the act — so that they can divvy up advertising revenue from the site based on what people are listening [...]
Mon, 28 Jan 2008 01:35:15 +0000 - Record Companies Still Don’t Understand DRM
So, there’s been a lot of news about Qtrax, a new music download service approved by the major record labels. It sounds like a good thing for consumers — a Songbird-based browser lets you select pretty much any song imaginable, including the entire catalog of songs available from iTunes, and download it freely and [...]
Mon, 28 Jan 2008 01:21:53 +0000 - IP Addresses: Personally Identifiable Information?
Peter Scharr, Germany’s Commissioner of Data Protection and head of the European Union’s privacy working group, has stated that information identified only by IP address must be considered personally identifiable information. As the AP article points out, this could have rather serious implications for search engines and many other electronic businesses, and RSnake is [...]
Fri, 25 Jan 2008 04:06:46 +0000 - Broadband Steps Backwards
The recent news from broadband providers seems to be all about how to make their product less appealing to customers. First of all, the AP reports that AT&T is still considering filtering backbone traffic. They say they’ve noticed the massive amount of copyrighted data being shared over P2P networks, and feel a need to do [...]
Wed, 23 Jan 2008 17:49:15 +0000 - The Resilient Society, and How Not To Build It
Today I found a link to an article by my least-favorite current presidential candidate, Rudy Giuliani. I was expecting a cavalcade of fear-mongering — his usual stock in trade — but discovered to my surprise an article entitled “The Resilient Society.” This gave me pause, as resilience is precisely what I believe must [...]
Wed, 16 Jan 2008 23:44:15 +0000 - WPAD: Internet Explorer’s Worst Feature
If you run Internet Explorer, you may have noticed that often when you first load up IE and try to navigate to a web page, there’s a delay of a few seconds longer than there is on subsequent page loads. This is because IE is trying to automatically detect your proxy settings. Inside [...]
Fri, 11 Jan 2008 19:09:49 +0000 - Sears & KMart’s Official Malware
CA’s Security Advisor Research Blog has an interesting post about a bit of malware they discovered when doing research for their Anti-Spyware product — the My SHC Community system. You’re offered a chance to join when you buy something from sears.com or kmart.com. The system offers you “special offers and promotions,” the usual [...]
Fri, 04 Jan 2008 19:08:11 +0000 - Checks: The Most Dangerous Transaction
During this year’s Christmas shopping season, I made some large in-person transactions at the same time as my wife made an online transaction, and my credit card was suspended by the issuing bank for potential fraudulent activity. This happens relatively often, whenever someone’s spending patterns are flagged by the neural-network based automated fraud detection used [...]
Wed, 02 Jan 2008 01:23:24 +0000 - A Bit About DNS
The Domain Name System is generally taken for granted. You put in a name, like perimetergrid.com, and you get back an IP address (at the time of this post, 66.33.198.185.) The addresses change sometimes, but it just works. However, it’s taken for granted so often that sometimes big security consequences lurk within. I’m [...]
Tue, 18 Dec 2007 06:49:18 +0000 - Flash and the Same-Origin Policy
Web browsers protect the user from attacks largely through the same-origin policy: any code from one web site (such as HTML pages or JavaScript) is not permitted to interact with any code from another web site. I can make a web page that embeds a Hotmail window in the middle of it (with an [...]
Fri, 14 Dec 2007 19:30:31 +0000 - Anonymity with TOR and its limits
The post at the Unwired Video Blog about TOR has been getting a lot of publicity, having been linked to by both Lifehacker and Boing Boing. It provides a quick overview of TOR, how it works, and how to use it to browse the Web anonymously. This is a good thing; people using services like [...]
Mon, 10 Dec 2007 22:32:02 +0000 - New Legislation: SAFE and PRO IP
There has been some controversy over two new security-related bills in the United States Congress right now: the SAFE Act and PRO IP. The SAFE Act (Secure Adolescents From Exploitation Online; another case where the acronym almost certainly came first) aims to protect children and teenagers from exploitation by increasing enforcement of child pornography laws. Not, [...]
Fri, 07 Dec 2007 22:47:40 +0000 - Securing Data at Rest with Cryptography
Over at Schneier on Security, Bruce Schneier has a post today about securing data on disk. Encryption is often sold as a panacea for all security problems — which it’s not — but keeping people from reading your data if they steal your laptop is one thing encryption is really good at, and it’s [...]
Tue, 04 Dec 2007 20:12:50 +0000
