Mostly Security Snippets from Tom Olzak

Is Comcast Pulling Wool

Tue, 17 Mar 2009 20:48:04 -0400

Reports of data breaches aren’t uncommon. And explanations are typically slow in coming, but most large organizations fall on the proverbial sword and admit their security controls played a role in…

PCI DSS Compliance Made Easier, but Upside Down

Mon, 16 Mar 2009 19:42:37 -0400

PCI DSS Compliance Made Easier, but Upside Down:

Most companies required to jump on the PCI DSS wagon are SMBs. So implementing security controls to protect cardholder information is not an easy task. And the difficulties begin when business owners…

Maybe we should use the threat of space aliens next

Sat, 14 Mar 2009 09:52:54 -0400

Maybe we should use the threat of space aliens next:

Now security researchers and vendors are using the threat of cyber-warfare to push vulnerability mitigation. Maybe we should try space aliens next.

Risk Mitigation Drives Breach Prevention Costs

Fri, 13 Mar 2009 14:46:08 -0400

Risk Mitigation Drives Breach Prevention Costs:

Remember the objective of breach risk mitigation is to increase the effort necessary to successfully breach a network, system, etc. beyond the value gained by a successful attack. Most…

New Centralized Storage for SMBs

Thu, 12 Mar 2009 08:43:16 -0400

New Centralized Storage for SMBs:

Keeping all your sensitive information in a centralized location helps with security. However, SMBs with large storage needs (or home users with way too much audio-video gear) may find the new D-Link…

The DoS Still Does Not Get It

Wed, 11 Mar 2009 11:42:15 -0400

The DoS Still Does Not Get It:

The DoD not only doesn’t protect national defense secrets like they’re, well, national defense secrets. It simply doesn’t follow basic security practices.

Penetration tools continue to improve, how about your defenses?

Mon, 09 Mar 2009 20:12:12 -0400

Penetration tools continue to improve, how about your defenses?:

Developers of tools used to penetrate networks seem to have unlimited resources to draw upon as they continue to improve ways to crack through your network and device defenses. Your defense should…

"Juniper is set to launch software to allows security products from competing vendors to share and..."

Mon, 09 Mar 2009 12:33:47 -0400

“

Juniper is set to launch software to allows security products from competing vendors to share and analyse log information in order to determine the root cause of network problems and fix them.

Called Adaptive Threat Management, the data-sharing software includes upgrades to its SSL VPN and Unified Access Control devices that enable them to publish log information to a UAC server that shares the data with other platforms.

”

- Juniper offers multi-vendor threat management, Tim Greene, Network World, 9 March 2009

Cyber profiling benefits and pitfalls

Sun, 08 Mar 2009 20:47:05 -0400

Cyber profiling benefits and pitfalls:

Cyber profiling provides deeper insights into a prospective candidate character. It can also send the wrong message.

Vet employees, vet employees, vet employees

Fri, 06 Mar 2009 12:43:03 -0500

Vet employees, vet employees, vet employees:

Placing new employees in positions of trust requires establishing how far new people can actually be trusted. This seems like common sense, but a recent incident demonstrates just how little some…

Windows Mobile Protection on a Smart Card

Fri, 06 Mar 2009 11:42:58 -0500

Windows Mobile Protection on a Smart Card:

Smartcard protection on an SD card, easy and pain free.

"A senior Democratic lawmaker said on Thursday he would push to pass legislation to repeal a..."

Fri, 06 Mar 2009 11:16:23 -0500

“

A senior Democratic lawmaker said on Thursday he would push to pass legislation to repeal a three-year-old U.S. ban on Internet gambling that has hurt trade ties with European Union.

“I’m going to be pushing it,” House of Representatives Financial Services Committee Chairman Barney Frank told reporters at a press conference to lay out his agenda for reforming U.S. financial regulation.

Work on drafting the legislation should be completed this month, a House aide said.

Congress attempted in 2006 to quash online gambling in the United States by barring businesses from knowingly accepting payments in connection with unlawful Internet gambling, including payments made through credit cards, electronic fund transfers and checks.

”

- Online Gambling Ban May Get Nixed, Reuters

Cyber-terrorism: Private organizations have responsibilities, too

Thu, 05 Mar 2009 13:33:57 -0500

Cyber-terrorism: Private organizations have responsibilities, too:

Reports of corporate and government database breaches aren’t new. Neither are reports of Chinese and Russian efforts to find ways of compromising the national infrastructure, and therefore the…

Firefox 3.1 beta will be available on March 10.

Thu, 05 Mar 2009 10:11:35 -0500

Firefox 3.1 beta will be available on March 10.

AV software doesn't protect against bots... duh!

Wed, 04 Mar 2009 12:38:00 -0500

I’ve written several times about the need for extrusion detection systems to track bots on networks. At home, personal frewalls configured to block unwanted outgoing traffic are usually sufficient. And the large number of articles, blog posts, tweets, etc. about the global botnet problem should make any security manager anxious. However, a security company claims 3 to 5 percent of company systems still infected by bots?

"For the first time, scientists have successfully teleported information between two separate atoms..."

Wed, 04 Mar 2009 08:57:40 -0500

“

For the first time, scientists have successfully teleported information between two separate atoms in unconnected enclosures a meter apart – a significant milestone in the global quest for practical quantum information processing.

Teleportation may be nature’s most mysterious form of transport: Quantum information, such as the spin of a particle or the polarization of a photon, is transferred from one place to another, but without traveling through any physical medium. It has previously been achieved between photons over very large distances, between photons and ensembles of atoms, and between two nearby atoms through the intermediary action of a third. None of those, however, provides a feasible means of holding and managing quantum information over long distances.

”

- Long-distance Teleportation Between Atoms

Windows 7: Mobile Data Protection with Bitlocker ToGo

Wed, 04 Mar 2009 08:30:39 -0500

Windows 7: Mobile Data Protection with Bitlocker ToGo:

Still looking for an easy, affordable solution for encrypting USB storage? Working on a limited budge while trying to figure out how to force encryption of mobile data? Your problems may be over if…

No this isn’t security, but it’s still very cool.

Mon, 02 Mar 2009 14:38:14 -0500

No this isn’t security, but it’s still very cool.

Vue peel and stick personal video network going into beta....

Mon, 02 Mar 2009 13:00:00 -0500

Vue peel and stick personal video network going into beta. Inexpensive solution for home or small business security.

Forensics: Reassembling fragmented digital images

Mon, 02 Mar 2009 12:40:14 -0500

A new, inexpensive product can piece together deleted or fragmented digital images.