2013?!? WTF?!?!
I have this time dilation theory of aging. The older you get, the smaller a as a fraction of your existence each year is, so the shorter it feels.
Levelling up in the real world.
When you are looking out for the welfare of your organization instead of focusing on what you can get for yourself, that’s when you’ll be given the chance to do more and own more.
Technewsdaily has an interesting follow up to yesterday’s NYT article on AV effectiveness, as we covered.
I agree that using VirusTotal isn’t the best approach – far from it. But I have also heard AV-Test doesn’t use good criteria. I like the NSS Labs methodology myself, which shows higher numbers than Imperva, but much lower than most other tests. Their consumer report is free. and they also offer a companion report. But consumer products are often more different from enterprise versions than…
For the short version, read Rob Graham at Errata Security.
Google detected someone attempting a man in the middle attack using a certificate issued in Turkey. TURKTRUST issued two subsidiary Certificate Authority certs which allowed whoever had them to sign any certificate they wanted, for any domain they wanted. Yes, this is how SSL works and it’s a big mess (I talked about it a little in 2011).
The Washington Post sort-of covers honeypots, but mixes in national security issues. But one paragraph is out of place, because the article doesn’t really cover strike-back:
Happy 2013 everybody! At the dawn of a new year, most folks think more proactively about what they want to change – and what they don’t. I have spoken many times about the need to embrace change and even to learn to love change. Change is good. Stagnation is bad. But the trouble lies in how you achieve that change – and how you react when change is forced upon you.
Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt
The antivirus industry has a dirty little secret: its products are often not very good at stopping viruses.
The biggest shift in 2012 was the emergence of state-sponsored malware and targeted attacks as major factors. The idea of governments developing and deploying highly sophisticated malware is far from new. Such attacks have been going on for years, but they’ve mainly stayed out of the limelight. Security researchers and intelligence analysts have seen many of these attacks, targeting both enterprises and government agencies, but they were almost never discussed openly…
It’s the holiday season, people are leaving for vacation, and most people have things other than security on their minds – including me – so I’ll keep today’s Friday Summary short.
As we say goodbye to Old Man 2012 and get ready to welcome Baby New Year 2013, it is time for some downtime and reflection. This will be the last Incite of the year. My focus over the next two weeks will be enjoying the accomplishments of the past 12 months. Which, by the way, is very hard for me. I came into the world with the unsatisfied gene. No matter how good it is, it can be better. No matter how much got done, I could have done more. With every accomplishment, I have already started…