GigaOm offers a fascinating glimpse into Netflix’s EC2 architecture: Netflix shows off how it does Hadoop in the cloud:
“Hadoop is more than a platform on which data scientists and business analysts can do their work. Aside from their 500-plus-nod[sic] cluster of Elastic MapReduce instances, there’s another equally sized cluster for extract-transform-load (ETL) workloads – essentially, taking data from other sources and making it easy to analyze within Hadoop. Netflix also deploys various…
Microsoft to release emergency Internet Explorer patch on Monday
The vulnerability, which is present in IE 6, 7 and 8, is a memory corruption issue. It can be exploited by an attacker via a drive-by download, a term for loading a website with attack code that delivers malware to a victim’s computer if the person merely visits the website.
Hey folks,
Just a quick note that I am trying to decide between a few different topics for my next paper. If you have a moment, I could use your opinion.
It’s a new year, so let’s get physical and personal. I wondered what people do about physical security specifically – how do you protect your laptop while on business travel? Hotels, airports, cars, etc. We have all seen that “road rules” can be pretty different, so what precautions do you take to ensure your laptop and devices return home safely?
Identity management on mobile devices: How do we do it?
I have been taking a lot of calls on mobile identity issues and solutions over the last three months, and I am just as confused now as when I started looking into this subject. And I think the vendors I have spoken with are reaching, in their assessments of the right course of action and where the market is heading. If you want to implement identity on a mobile device, what do you do?
The High Price of the Silence of Cyberwar:
In today’s debate about cyberwar, all information disclosed seems to come with an agenda. Everyone evaluating the information is forced to look not only at the information, but the motivation for revealing that information. Worse, they can question if the information not revealed is shaped differently from what is revealed. A defender who reveals information regularly and in accordance with a policy will gain credibility, and with it, the ability to…
Feds step up HIPAA enforcement with hospice settlement
The Hospice of North Idaho (HONI) in Hayden will pay $50,000 to avoid more costly penalties if it would have been found in violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Tina Slankas presented at the Phoenix ISSA chapter this week on use of patterns for building security programs – slides can be downloaded here (PDF). The thrust of her idea was to use patterns – think design patterns if you like – for putting together control frameworks to define security efforts. Tina stated she was using the definition of ‘pattern’ in a very broad way, but the essence was reusable constructs for managing different aspects of enterprise security. For example: how identity…
But, he said, segregation of EHR data simply is not feasible or practical for integrated health systems such as Wellstar, …
Zero-day in the wild, in a popular exploit kit.
The hackers who maintain Blackhole and Nuclear Pack – competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they’ve added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java.