Scott Granneman discusses security analogies and their function in educating the masses on security concepts.
Your Space, My Space, Everybody's Space
Privacy is about protecting data when somebody wants it for some purpose. It is easy to protect data that nobody wants.
Time for a new certification
I wrote a column for Securityfocus some time ago that aired my concerns over GIAC dropping the practical portion of their certification process. That column resulted in a lot of feedback, with most agreeing about how GIAC bungled what was up till then, the best certification around.
0wning Vista from the boot
Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors. They discuss the "features" of their code, the support of the various versions of Vista, the possibility to place it inside the BIOS (it needs around 1500 bytes), and the chance to use it to bypass Vista's product activation or avoid DRM.
Online Impersonations: No Validation Required
It is said that imitation is the sincerest form of flattery. Unfortunately, online social networks provide no method for distinguishing an impersonation from the real thing. While your online words and actions may circulate for years, so do those of an impersonator.
The Politics of E-Mail
Its springtime in Washington, D.C. The cherry blossoms have bloomed, the tourists descended, and on both sides of Pennsylvania Avenue a new "scandal" is erupting.
Metasploit 3.0 day
The Metasploit Framework is a development platform for creating security tools and exploits. Federico Biancuzzi interviewed H D Moore to discuss what's new in release 3.0, the new license of the framework, plans for features and exploits development, and the links among the bad guys and Metasploit and the law.
Blanket Discovery for Stolen Laptops
Mark Rasch discusses the legal issues behind the discovery and recovery of stolen laptops that use LoJack-style homing devices to announce their location, and the location of the thieves, anywhere in the world.
Zero Day Patches
Zero day exploits were once the realm of just underground and elite hackers, but their increased prevalence is bringing a positive new trend: unofficial patches from members of the community, offered for protection before official vendor patches appear. Federico Biancuzzi interviewed Landon Fuller, who wrote Mac OS X patches for recent Month of Apple Bugs vulnerabilities, and the ZERT team, which has offered patches for critical Microsoft Windows zero-days that were actively exploited.
Vista Review: Bugs and Confusion
The Register's Thomas C. Greene offers an entertaining review of Windows Vista, noting price differences in Europe, driver compatibility issues, and security and user interface issues that affect the Vista experience.