Laptop Losses and Phishing Fruit Salad
Dr. Neal Krawetz takes a look at the numbers behind reports of laptop thefts and phishing attacks, showing inconsistent metrics and the difficulty in using numbers to determine the real level of threat.
Substitute teacher Julie Amero faces up to 40 years in prison for exposing kids to porn using a classroom computer, but the facts strongly suggest that she was wrongfully convicted. Many issues remain, from the need for an independent computer forensics investigation and the presence of spyware and adware on the machine, to bad or incomplete legal work on both sides of this criminal case.
Nothing to Fear... ?
Scott Granneman looks at the use of fear in computer security, from misleading media reports and gross exaggeration by industry leaders to the use of fear in order to sell new computers and software.
PHP Security From The Inside
Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.
The New Vista Waiting Game
Vista is a step forward in security, but many businesses will be stuck with Windows XP for years to come, due to the cost of upgrading, the value of existing assets, and compatibility issues that trump security features.
iPhone Trademarks: the Real Issues
Apple's iPhone announcement and Cisco's iPhone trademark lawsuit have brought the iPhone moniker into the spotlight. But other companies also own and use iPhone trademarks, and market and sell their iPhone products. Mark Rasch explains how U.S. trademark law works and the real issues at play in this highly publicized trademark dispute.
Interview with Bill Cheswick
Many people have seen Internet maps on walls and in various publications over the years. Federico Biancuzzi interviewed Bill Cheswick, who started the Internet Mapping Project that grew into software to map corporate and government networks. They discussed firewalling, logging, NIDS and IPS, how to fight DDoS, and the future of BGP and DNS.
Wishes For 2007
Scott Granneman takes a look at the technologies he found useful in 2006 and offers some wishes relating to security, privacy and DRM that he'd like to see fulfilled in 2007.
PHP apps: Security's Low-Hanging Fruit
PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.
All I Want For Christmas
Mark Rasch takes a step back and offers his holiday and New Year's wish list of all things security - items that should exist, be made available and be easy to use for everyone over the coming year.