In a post titled “Access of Access + Audit” Dr. Anton Chuvakin discusses the importance of logging, well pretty much everything. When it comes to working in the enterprise environment I tend to agree- audit logs are some of the most useful security, troubleshooting, and performance management tools we have. Back when I was operational I had two kinds of bad log days- those hair pulling, neurotic-in-a-here’s-johnny-way days spent combing, manually, through massive logs, and (even worse) those…
An article just posted by the New York Times reveals that the latest National Intelligence Estimate on terrorism concludes that our involvement in Iraq has increased the global terror threat.
There’s a lot going on in the world of Digital Rights Management (DRM) these days and I realized not everyone understands exactly what DRM is, how it works, and what the implications are. This has popped up a few times recently among friends and family as (being the alpha geek) I’ve been asked to explain why certain music or movie files don’t work on various players. Before digging into some of the security issues around DRM I thought it would be good to post a (relatively) brief overview.
So Apple issued an update for the Mac wireless drivers to prevent a buffer overflow, but denies SecureWorks provided them anything useful.
New IE Flaw Exploited on Porn Sites
Now we did warn you, and I quote:
Especially if you go to “those” sites. Yes, you. Stop pretending you don’t know what I’m talking about.
To whom it may concern,
While, as a security professional, I take great care to protect all of my systems and data, I cannot guarantee that I am fully compliant with both the HIPAA security and privacy requirements. I have never undergone a HIPAA audit, nor any official HIPAA training or evaluations of any kind beyond those provided to first responders. For your information I do take extensive security precautions including:
Symantec has just reported a new 0day security vulnerability in Internet Explorer that could allow someone to take over your computer.
I travel a lot, and on occasion I’ll run Nmap or some other scanner from my hotel room to get an idea of what’s out there, and how dangerous these hotel networks really are. To be honest it’s not something I do all that much anymore since even scanning an open network is running the risk of being considered over the line.
Electronic voting seems to be popping up again thanks to our favorite digital ostrich, Diebold. Martin Mckeay’s also writing on this a bit, and it’s well worth reading.
I’m out on the road this week, right now spending two days at a strategic planning session with a large energy company. This is the kind of trip I actually enjoy- working with an end-user on strategic issues at the executive level where they really want to solve the problem.