Defense-in-depth is fundamental to the design of a secure system. It stems from the idea that software can have flaws; people can make configuration mistakes; and hardware devices can fail. To compensate for events like these, we do not want to rely on a single mechanism to defend our resources. Instead, we deploy multiple layers […]
Continue ReadingCategory: Security
Computer Security Tips and Best Practices
Protecting yourself is very challenging in the hostile environment of the internet. Imagine a global environment where an unscrupulous person from the other side of the planet can probe your computer for weaknesses, and exploit them to gain access to your most sensitive secrets. They can even use your computer to store data like stolen […]
Continue ReadingPreventing Security Threats from USB Storage Devices
Working in Computer Security, one of the biggest threats we face today is the threat of an Insider, an Employee who might casually walk in with his 4 GB USB Flash drive, plug it in to their computer within the corporate network and walk away with valuable data. I have seen solutions ranging from expensive […]
Continue ReadingOperating Systems Security: Year 2007 Vulnerability Report
Operating Systems Security: Year 2007 Vulnerability Report This paper analyzes the vulnerability disclosures and security updates during the year 2007 for Windows Vista Operating System when compared to its predecessor, Windows XP, along with other modern Client Operating Systems Red Hat, Ubuntu and Apple Mac OS X. The results of this analysis based on the […]
Continue ReadingMost Influential People in Security
Ryan Naraine over at eweek.com has come up with an interesting list of the top 15 most influential people in Computer Security. 1. Tavis Ormandy, Google Security Team’ 2. Ivan Krstic, One Laptop Per Child’ 3. Chris Paget, IOActive’ , Google 4. Bunnie Huang, Bunnie Studios’ 5. Michal Zalewski, Google’ 6. Window Snyder, Mozilla 7. […]
Continue Reading