Global Security Watch > Schneier on Security: The Security Implications of Windows Volume ...

[Schneier on Security] @Nick P: assuming your crypto is done properly! If it's not secure against a key recovery attack (XOR, or generally reusing the output of a stream cipher, are trivially breakable).


Some related posts from Technorati and Google.

[Schneier on Security] Schneier on Security: Is Antivirus Dead?: According to the "Myths and Legends" of computing, the original architect of MS's New Technology, Dave Cutler (lead on DEC's VMS & RSX11), went to MS in the late 1980s supposedly promising to make a "better unix than unix". Work officially started in Nov 88 to fulfil MS's commitment to IBM over OS/2.

[Nick Hadlee's Blog on SharePoint and Other Occasional Rants...] What's in Your SharePoint Toolbox? « Nick Hadlee's Blog on ...: The massive end-user, IT pro, and developer community that has evolved around SharePoint has shared a rich set of tools, best practices, and guidance for the wider benefit of the SharePoint community. It should be mentioned there is also a lot of stuff out there in the wild that shouldn’t be adopted but I think that is the nature of all information on the internet.

[The ICSI Networking Group Blog] The ICSI Networking Group Blog: Sidejacking, Forced Sidejacking ...: This also suggests that attempting to fix other sites with Greasemonkey wouldn't work either if they have any form of "URL for SSL that transitions to non SSL and updates the cookie" that the attacker can inject to extract a session cookie from. And it points out the problem with any site which uses "SSL-only" to check an existing login cookie to generate a session cookie: to an active attacker, although the attacker can't capture the SSL-only login cookie, he can use the login cookie to generate a session cookie.

[Schneier on Security] Schneier on Security: Password Advice: email access whilst travelling light, I'll actually create a couple of "disposable" accounts beforehand, change the password every time I log in, and cancel them afterwards. In principle the owner of a key logger could get to the password quickly enough to take over the account before it's changed, but it's never happened yet, and all I need to do is use the backup account to tell everyone to stop using the compromised one.

[Making Light] Making Light: Restoration Hardware et al. vs. the TSA: Admittedly, my airport job gave me a lot of practice at streamlining myself, my baggage, and my workflow so I know how to get through smoothly (most workdays, I went inbound through the security checkpoint at least 20 times), but I have NEVER had the amount of stupid, overblown hassle over piddly, normal things as I do when I fly through third-tier city airports like SMF. The biggest airports can't do it because it would destroy them;

[Schneier on Security] Schneier on Security: The Skein Hash Function: If you can find a collision in 2^250 work, say, then the algorithm is theoretically weak but that may have little practical relevance. Having said that, attacks on an algorithm are only going to get better so a theoretical attack may be an indicator for the future - which is why NIST has created the SHA-3 competition in the first place (there are serious questions over SHA-2 family).

[BBC Blog Network] BBC - Richard Black's Earth Watch: Copenhagen Countdown: 10 days: I have spent much time reading all the comments on this blog; it saddens me somewhat that so many gullible people fall for the latest mantra or pseudo-religion. Some years back the genetic code threw up a gene that was dubbed the Jesus gene; those who have it get sucked into a faith-based irrational belief system. The money spent on this CO2 nonsense would be better spent on finding a cure for this, what could only be termed as, rather strange, "I am right, die in hell" behaviour. The science is far from in; it proves nothing. Many scientists have very conflicting, provable, demonstrable and repeatable data that puts paid to this nonsense, that "it is our fault, pay up or die" garbage. Mainstream science took many wrong turns in the last 100 years and is now bogged down in a quagmire of quantum mechanics and a standard model that is, to say the least, useless. Truth lies in all of the universe, that everything is reduced to a minimum that causes all things to happen. Four pieces of code in genetics give rise to the myriad of possibilities for all life. Yet mainstream science has invented more than a hundred imaginary particles to try and make their theory work. Four is enough; scientists all, that have disagreed with the herd and had real provable alternatives, have been derided, pilloried and refused publication. Anybody see a repeat performance with this "it is all your fault" nonsense? If CO2 is a bad pollutant, I hope all the followers of this scam are practising a safe contraceptive procedure, as every new human breathes in, absorbs oxygen and breathes out CO2. The sad thing is CO2 is a good, safe commodity to have in the atmosphere; it promotes plant growth and healthy forests. More food and bigger trees, a huge plus. The world, your Gaia, has been trying desperately to shake off its mantle of ice and be temperate and tropical, as is her normal state. 20,000 years ago England was mostly buried under miles of ice. The civilization of humans can be traced back to this time; I do believe that they would be delighted that at last our world is almost how it should be. The thing, and the only concern that I have, is that by all the facts from the real scientists, Europe may be entering a period of cold such as they have endured before in historic times. This is a real possibility from the data and the records. Do not take my word for it; let your fingers do the walking on the net and find the real scientists, who have been reduced to the net by the stupidity of those who hold the keys to the purse. Science in all its forms is the pursuit of truth and knowledge; many, it would seem, have sold their souls for tenure and fleeting fame. The world at this time spends billions on scientists in the pursuit of proving fairy tales. I ask science: what is electricity, magnetism, gravity? What is light? What indeed is matter? They have none but 100-year-old textbook answers that explain nothing. A renaissance in science, even a revolution, is needed for the science that is required to fix the sickness that permeates mainstream scientific thought. A believer that CO2 is a problem? I think not.

[Armed and Dangerous] Armed and Dangerous » Blog Archive » The pragmatics of webscraping: If you are lucky, your target forge already has an export feature that will dump everything to you in clean XML or JSON; in that case, you have a fairly trivial exercise using BeautifulStoneSoup or the Python-library JSON parser and can skip the rest of this section.

[Schneier on Security] Schneier on Security: The Doghouse: Crypteto: My email was a first announcement to the academic world of the TOUAREG Encryption Algorithm, which, somewhat unusually, has a session key strength of over 49,000 bits and yet runs at 3 Megabytes per second. Bearing in mind that the strongest version of BLOWFISH has a session key of 448 bits and that every additional bit doubles the task of key-crashing, I imagined that my announcement would create more than a mild flutter of interest.
