Visualization Monday: Storage
by Chandler on November 30, 2009
This is cool. Visualization of relative storage capacities in terms of media and format. Notice that it goes all the way back into pre-digital forms, a subtle tweak that I’ll bet a lot of people miss on first inspection. Too (…)
2010 Security Prognosticators – Put Your Money Where Your Mouth Is!!!
by alex on November 30, 2009
Just saw where Symantec has released their 2010 Security Trends to watch. Now not to pick on Symantec (I’m guilty of the same mess in the past myself over on my old blog) but usually these sorts of prognostication lists (…)
FBI Gets all New School
by adam on November 30, 2009
“Of the thousands of cases that we’ve investigated, the public knows about a handful,” said Shawn Henry, assistant director for the Federal Bureau of Investigation’s Cyber Division. “There are million-dollar cases that nobody knows about.” … “Keeping your head in (…)
For Those Not In The US (or even if you are)
by alex on November 26, 2009
I’d like to wish US readers a happy Thanksgiving. For those outside of the US, I thought this would be a nice little post for today: A pointer to an article in the Financial Times, “Baseball’s love of statistics is (…)
Less Is More
by David Mortman on November 25, 2009
Great post today over on SecureThinking about a customer who used a very limited signature set for their IDS. Truth of the matter was that our customer knew exactly what he was doing. He only wanted to see a handful (…)
Information Security as an Evolutionary Arms Race – Research Collaborators Wanted
by Russell on November 24, 2009
I’m starting on an academic-oriented research project on the arms race between attackers and defenders from the perspective of innovation rates and “evolutionary success” – The Red Queen problem. I’m looking for collaborators, contributors, reviewers, etc.
Hackers treated as credible sources of information (D’oh!)
by Russell on November 22, 2009
Contrary to popular belief, hackers are not credible sources of information that they themselves have stolen and leaked. Maybe they weren’t “hackers” at all. News organizations and bloggers should think more critically and do more investigation before they add to the “echo chamber effect” for such reports.
The cost of false positives in detection (lessons from public health)
by Russell on November 21, 2009
Lessons for information security from recent public health pronouncements on mammographs and Pap tests.
Rational Ignorance: The Users’ view of security
by Chandler on November 19, 2009
Cormac Herley at Microsoft Research has done us all a favor and released a paper So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users which opens its abstract with: It is often suggested (…)
“80 Percent of Cyber Attacks Preventable”
by David Mortman on November 18, 2009
Threatlevel (aka 27B/6) reported yesterday that Richard Schaeffer, the NSA’s information assurance director, testified to the Senate Judiciary Subcommittee on Terrorism, Technology and Homeland Security on the issue of computer-based attacks. If network administrators simply instituted proper configuration (…)