Do We Really Need a Security Industry?
,----[ Quote ]
| Aftermarket security is actually a very inefficient way to spend our
| security dollars; it may compensate for insecure IT products, but
| doesn't help improve their security. Additionally, as long as IT
| security is a separate industry, there will be companies making
| money based on insecurity -- companies who will lose money if the
| internet becomes more secure.
`----
http://www.wired.com/politics/security/commentary/securitymatters/2007/05/securitymatters_0503
And guess what product Microsoft has just released?
Rivals dismiss Microsoft Forefront security push
,----[ Quote ]
| Security rivals were quick to suggest that the software will prove
| little better than the company's consumer anti-virus software,
| which performed disappointingly in independent tests earlier this
| year.
|
| [...]
|
| "From what Microsoft has said publicly, Forefront Client Security
| is based off the same anti-virus and anti-spyware technology as
| its OneCare product. OneCare has failed multiple third-party
| anti-virus tests, including the latest Virus Bulletin, which is
| widely considered the benchmark test for AV [anti-virus] engines,"
| it said.
`----
http://www.theregister.co.uk/2007/05/03/ms_forefront/
Creating more unnecessary and wasteful jobs.
Time for new network security certification
,----[ Quote ]
| Here you would have people certified as MCSE's after a week,
| with little prior experience, yet they couldn't install a printer
| driver. This is a perfect example of good memory skills in place
| of understanding the underlying theory.
`----
http://www.theregister.co.uk/2007/05/03/giac_certification/
Related:
Schneier questions need for security industry
,----[ Quote ]
| "We shouldn't have to come and find a company to secure our e-mail.
| E-mail should already be secure. We shouldn't have to buy from
| somebody to secure our network or servers. Our networks and servers
| should already be secure."
`----
http://news.zdnet.com/2100-1009_22-6179500.html
Microsoft shipped OneCare unfinished?
,----[ Quote ]
| Since shipping in May, OneCare has failed industry tests and exposed
| users to attack because of a security flaw in the antivirus engine.
| The application also incorrectly flagged Gmail as a virus and in some
| cases quarantined or even deleted complete in-boxes when a single
| e-mail was laden with a virus.
`----
http://news.com.com/2061-10789_3-6168629.html?part=rss&tag=2547-1_3-0-20&subj=news
Botnet 'pandemic' threatens to strangle the net
,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| 600 million PCs on the internet are under the control of hackers,
| the BBC reports.
`----
http://www.theregister.co.uk/2007/01/26/botnet_threat/
Microsoft takes a 'Patch Tuesday' break
,----[ Quote ]
| Microsoft has no new security updates planned for Tuesday, despite
| at least five zero-day vulnerabilities that are waiting to be fixed.
`----
http://news.zdnet.com/2100-1009_22-6165647.html
Vista still vulnerable
,----[ Quote ]
| Vulnerabilities in Windows Vista will plague users in coming months
| and years, a prominent security researcher warns, despite its
| security improvements over predecessor XP.
`----
http://www.smh.com.au/news/security/vista-still-vulnerable/2007/02/26/1172338546822.html
http://tinyurl.com/2o82lf
Flaw found in Office 2007
,----[ Quote ]
| Researchers have discovered a "highly critical" security flaw in
| newly released Office 2007, despite Microsoft's efforts to deliver
| its most secure version yet of the productivity software.
`----
http://news.zdnet.com/2100-1009_22-6161835.html
Homeland Security sees cyberthreats on the rise
,----[ Quote ]
| To test the nation's response to a cyberattack, the Department
| of Homeland Security plans to hold another major exercise,
| called Cyberstorm II, in March 2008, Garcia said. A first
| such exercise happened early last year.
`----
http://news.com.com/2100-7355_3-6157809.html?part=rss&tag=2547-1_3-0-20&subj=news
http://tinyurl.com/2dpbmv
Zombie botnets attack global DNS servers
,----[ Quote ]
| Hackers launched a sustained attack last night against key root servers
| which form the backbone of the internet.
|
| Security firm Sophos said that botnets of zombie PCs bombarded the
| internet's domain name system (DNS) servers with traffic.
|
| "These zombie computers could have brought the web to its knees,"
| said Graham Cluley, senior technology consultant at Sophos.
`----
http://www.vnunet.com/vnunet/news/2174383/zombie-botnets-attack-global
Perspective: Microsoft security--no more second chances?
,----[ Excerpt ]
| CNET News.com's Charles Cooper says the software maker is running out
| of excuses for a history of poor security.
`----
,----[ Quote ]
| As if Homeland Security Secretary Michael Chertoff didn't have enough on
| his plate.
|
| Not only has he had to deal with Katrina and Osama. Now he's also got to
| whip Steve Ballmer and the crew at Microsoft into shape. If past is
| prologue, that last task may be the most daunting of all.
`----
http://news.com.com/2010-1002_3-6104512.html?part=rss&tag=6104512&subj=news
EveryDNS, OpenDNS Under Botnet DDoS Attack
,----[ Quote ]
| The last time the Web mob (spammers and phishers using botnets)
| decided to go after a security service, Blue Security was forced
| to fold and collateral damage extended to several businesses,
| including Six Apart.
`----
http://securitywatch.eweek.com/exploits_and_attacks/everydns_opendns_under_botnet_ddos_attack.html
Linux Security: A Big Edge Over Windows
,----[ Quote ]
| Linux is better at locking down a computer than Windows. The Linux OS
| uses configuration settings and user permissions to a much more
| efficient degree than the Windows administrator account. To do
| this, non-enterprise users should seek help from third-party
| security suites that serve as configuration managers, James
| Bottomley, chief technology officer of SteelEye Technology said.
`----
http://www.linuxinsider.com/rsstory/54742.html
Security Report: Windows vs Linux
,----[Executive summary ]
| Finally, we also include a brief overview of relevant conceptual
| differences between Windows and Linux, to offer an insight into why
| Windows tends to be more vulnerable to attacks at both server and desktop,
| and why Linux is inherently more secure
`----
http://www.theregister.co.uk/security/security_report_windows_vs_linux/
Microsoft Windows: Insecure by Design
http://www.washingtonpost.com/ac2/wp-dyn/A34978-2003Aug23?language=printer
If Only We Knew Then What We Know Now About Windows XP
,----[ Quote ]
| You can think of Windows XP as a house with a second floor built of
| spackle, wood filler and duct tape.
`----
http://www.washingtonpost.com/wp-dyn/content/article/2006/09/23/AR2006092300510.html?nav=rss_technology
Why Windows is a security nightmare.
http://www.smh.com.au/articles/2004/05/21/1085120110704.html
Study: Billions of dollars spent on security
,----[ Quote ]
| Large U.S. businesses will spend $61 billion on security by the end
| of this year, representing 7.3 percent of total IT budgets in the
| country, according to a new report from Info-Tech Research Group.
`----
http://news.com.com/2110-7350_3-6135989.html?part=rss&tag=2547-1_3-0-20&subj=news
|
|
