Security

Featured

The State of Malware

The State of Malware

I've been spending a little more time looking at general computer and network security recently. One of the things I've been looking at is the current 'state of affairs' where malware is concerned. There's a lot going on out there, although as Gunnar Peterson says in a recent post at 1 Raindrop, not much has changed in the past 10 years. In fact, based on what follows, it's arguable that things are actually getting worse.

There are also regional differences that matter. Here in Thailand at least, the situation is exacerbated by the fact that it's still very common for personal computers to have illegal software installed - including Windows and other major applications (there are reasons, but that's a different story). There are of course other threats and concerns about safety and communication that matter, but for the most part, the biggest computer security risk here is from non-targeted malware.

Read more 
Category: 
Tags: 

false

Here's a recipe for encrypting an external drive with Mac OS X FileVault, and then creating an emergency bootable backup using SuperDuper.

You'll need an external drive - ideally USB 3 or Thunderbolt, if you're going to boot from it. I'm using the 1TB Buffalo Ministation

Start Disk Utility, and partition the drive as shown below. I chose to create two equal size partions using the Partition Layout options. Make sure that the first partition is at least the same size or larger than your internal MacBook or iMac drive. You must format the drive as Mac OS Extended (Journaled), and from the Options button - you must choose GUID partition types.

Read more 
Category: 
25
Sep
2011

Master's Thesis

I completed my master's degree in information security from Royal Holloway, University of London this May. It took a little while for the results to come out, and to be sure that my thesis had been accepted and graded accordingly. Now that I'm in the clear, I'm able to publish the report online - which can be found here at the following link - 3-D Secure: A critical review of 3-D Secure and its effectiveness in preventing card not present fraud. It can be read as HTML, or downloaded in PDF form (with larger figures and illustrations) from here

I think the executive summaryintroduction and conclusion read fairly well, and might be of general interest. In another life - I'd love to spend more time on human computer interaction for security related tasks (HCI-Sec). It's a fascinating field and I found some really interesting material on the topic.

I also wanted to say thank you to all of those who participated in the survey; in particular to Paul Stack (@stack72 ) and Craig Murphy (@CAMURPHY) for helping to drum-up participants.

Enjoy....

Read more 
Category: 
18
Oct
2008

Lessons in Web Site Security

I found this series of links on the topic of XSS and other Web site security issues pretty interesting...

Read more 
Category: 

I must have been asleep when this 'feature' appeared. I downloaded the latest ASP.Net MVC Storefront sample today from Codeplex. I then dragged the downloaded Zip file over to my project folder, extracted it and built the project.

Read more 
Category: 
12
Mar
2008

Cold Boot Attacks

These are interesting. And there I was feeling all warm and cosey with my trusted platform module (TPM). The RAM to USB utility is particularly cool.

http://citp.princeton.edu/memory/

Read more 
Category: