Lock the doors and throw away the ethernet ports

When a computer is connected to a network to download the latest security patches for the first time, it is truly a sheep among the wolves. Recently I wrote about this, and now CERT has taken the time to publish guidelines for new computer owners. After all, as they point out, the time for an unprotected computer to be compromised is measured in minutes on many networks. Many probably do not make the correlation between home computers and UCE/SPAM, DDoS…


Password Policies

I’ve finally found a password policy I can live with!

Minimum length 8 characters.
Not in any dictionary.
No word or phrase bearing any connection to the holder.
Containing no characters in the ASCII character set.
No characters typeable on a Sun type 5 keyboard.
No subset of one character or more must have appeared on Usenet news, /dev/mem, rand(3), or the King James bible (version 0.1alpha).
Must be quantum theoretically secure, i.e. must automatically change if observed (to protect…


Shouting for the stars

I recently became aware of a debate of astronomical proportions. In the article “One Find, Two Astronomers”, a US astronomer and a Spanish astronomer are both taking credit for the same find. Now this black hole of strange cosmic stew thickens. Bruce Schneier has just posted that the Spanish astronomer confirmed finding the object as a result of telescope logs he obtained from Google. Interestingly enough, this has the debate raging over ethics and how the wealth of information…


Firefox fighting the flames

Anyone who regularly reads my writings knows that I’m a strong proponent of Open Source software and the value it holds in the information community. Unfortunately in the interests of marketing, attempts are popping up to try to shake that foundation for Firefox. Basically there have been a couple high-risk vulnerabilities discovered in the code which are receiving dramatic amounts of publicity. This publicity is not actually because vulnerabilities in Firefox are often this serious, but because simple conclusions have…


New OS Installation Security

From a completely random blog involving a new installation of Windows XP: But eventually it all worked. Well, I think it worked. It was too late to actually try anything. Now I need to get it on our network so I can connect to the internet and install all the security updates. This leads me to think how many machines are compromised before well-intended patching takes place. Joe is sitting at his computer at 2:00am after fighting through a new…


Security Agenda Gaps – Veils for Society

As illustrated in Bruce Schneier’s blog, the TSA is reconsidering their stance on security measures they’ve deployed against – what Mr. Schneier terms – “small pointy things”. (Clearly not in reference to some people’s minds.) In no surprising turn, this has a few ‘interested parties’ concerned, but truly that goes without saying and will go without saying more; for now. However in a follow-up comment, he points out how this relates to his concept of “agenda”. Now pardon me if…
