TrueCrypt and NSA Lessons on Updating Projector Software
- Category: Basic Lessons
15 Jun 2014
Science and R&D says it will keep moving data from the mystery to the usable.
Security expertise tries to promise the same, with the same infinite number of possible failures. Fortunately there are life lessons that we can apply to our projection room and attached networked devices from the latest exposition of these failures.
From the NAB videos of John Hurst's logical pleas (posted at CineTechGeek), to Bruce Schneier's Disclosing vs. Hoarding Vulnerabilities article, to the flurry over Heartbleed, to the news of the announcement from the well-used TrueCrypt... we should get the message: No matter the trauma, or threat of trauma, Upgrade Your Software and Firmware.
CryptoCourse and RESTful SSL Considerations
- Category: Basic Lessons
13 Nov 2012
Cryptography I | Coursera
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software
Paper: www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
Article: SSL Vulnerabilities Found in Critical Non-Browser Software Packages | threatpost
Discussion/FAQ: The Most Dangerous Code in the World: FAQ
The Basics and a Tool for Creative Commons
- Category: Basic Lessons
05 Aug 2012
A nice article giving the basics of the Creative Commons License from Katherine Noyes in PC World: How to Protect Your Artistic Works With a Creative Commons License | PCWorld Business Center
Followed by another of her articles, which refers to a tool that helps decide which license to choose for your situation: Need to Choose a Creative Commons License? This New Tool Can Help | PCWorld Business Center
Breach Mitigation or Bust?
- Category: Basic Lessons
19 Aug 2012
"It’s better to assume your organisation has already been compromised and develop defences based around that assumption."
The maxim is that you can try to protect your network one angle at a time, but hackers can pop the bubble from any place on the sphere. This article from ITPro points to some of the simple things to consider when protecting your network.
I was recently talking to someone who brute forced a BT Business Hub, the sort used by hundreds of thousands of businesses across the UK, using hardware costing less than £35 and it supposedly took him less than 48 hours to crack the 10 character default WPA key.
Invest just a little more money and that timescale starts to look like an absolute age. The truth is that it's a lot easier than you may imagine to breach the network perimeter these days, and if an attacker is determined enough then the chances are they will succeed.
How To Break Into Security-Part One
- Category: Basic Lessons
25 Jun 2012
Krebs on Security has started a series named How To Break Into Security.
I decided to ask some of the brightest minds in the security industry today what advice they’d give. Almost everyone I asked said they, too, frequently get asked the very same question, but each had surprisingly different takes on the subject.
How to Break Into Security, Ptacek Edition — Krebs on Security
Now might be a good time to give the job of reading these to your apprentice.