Visualization Monday: Storage

by Chandler on November 30, 2009

This is cool. Visualization of relative storage capacities in terms of media and format. Notice that it goes all the way back into pre-digital forms, a subtle tweak that I’ll bet a lot of people miss on first inspection. Too (…)

2010 Security Prognosticators – Put Your Money Where Your Mouth Is!!!

by alex on November 30, 2009

Just saw where Symantec has released their 2010 Security Trends to watch. Now not to pick on Symantec (I’m guilty of the same mess in the past myself over on my old blog) but usually these sorts of prognostication lists (…)

FBI Gets all New School

by adam on November 30, 2009

“Of the thousands of cases that we’ve investigated, the public knows about a handful,” said Shawn Henry, assistant director for the Federal Bureau of Investigation’s Cyber Division. “There are million-dollar cases that nobody knows about.” … “Keeping your head in (…)

For Those Not In The US (or even if you are)

by alex on November 26, 2009

I’d like to wish US readers a happy Thanksgiving. For those outside of the US, I thought this would be a nice little post for today: A pointer to an article in the Financial Times, “Baseball’s love of statistics is (…)

Less Is More

by David Mortman on November 25, 2009

Great post today over on SecureThinking about a customer who used a very limited signature set for their IDS. Truth of the matter was that our customer knew exactly what he was doing. He only wanted to see a handful (…)

Hackers treated as credible sources of information (D’oh!)

by Russell on November 22, 2009

Contrary to popular belief, hackers are not credible sources of information that they themselves have stolen and leaked. Maybe they weren’t “hackers” at all. News organizations and bloggers should think more critically and do more investigation before they add to the “echo chamber effect” for such reports.

The cost of false positives in detection (lessons from public health)

by Russell on November 21, 2009

Lessons for information security from recent public health pronouncements on mammographs and Pap tests.

Rational Ignorance: The Users’ view of security

by Chandler on November 19, 2009

Cormac Herley at Microsoft Research has done us all a favor and released a paper, “So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users”, which opens its abstract with: It is often suggested (…)

“80 Percent of Cyber Attacks Preventable”

by David Mortman on November 18, 2009

Threatlevel (aka 27B/6) reported yesterday that Richard Schaeffer, the NSA’s information assurance director, testified to the Senate Judiciary Subcommittee on Terrorism, Technology and Homeland Security on the issue of computer-based attacks. If network administrators simply instituted proper configuration (…)
