|
|
Time to Shield Researchers
2009-03-20 Research is the backbone of the security industry but the legal climate has become so adverse, that researchers deserve protections from lawsuit, SecurityFocus contributor Oliver Day argues. http://www.securityfocus.com/columnists/495 Contracting for Secure Code 2009-03-06 The availability of software security guidance, training, and tools hasn’t made much of dent in the number of attacks, says SecurityFocus contributor Chris Wysopal. Time to hold third-party software vendors accountable. http://www.securityfocus.com/columnists/494 Free-Market Filtering 2009-02-13 A plan by the Australian government to mandate that Internet service providers filter illegal and objectionable content is wrongheaded, but has the kernel of a good idea, says SecurityFocus contributor and attorney Mark Rasch. http://www.securityfocus.com/columnists/493 Don’t Blame the Browser 2009-02-06 Attacks on Web browsers underscore that we need to get away from quick-fix remedies, such as security patches, and on to more permanent solutions, says Comodo CEO Melih Abdulhayoglu. http://www.securityfocus.com/columnists/492 Resurrecting the Killfile 2009-02-04 Blacklisting offensive or malicious content is not new, but most computer users are not availing themselves of this useful protection, says SecurityFocus contributor Oliver Day. Using a killfile of bad hosts -- or a whitelist of good ones -- can mean safer browsing and no additional software is necessary. http://www.securityfocus.com/columnists/491 Time to Take the Theoretical Seriously 2009-01-16 Waiting to fix security problems until an attack is in the wild or for proof-of-concept code is published guarantees that customers will not be protected, argues SecurityFocus contributor Chris Wysopal. http://www.securityfocus.com/columnists/490 The Drew Verdict Makes Us All Hackers 2009-01-09 The four misdemeanors in the MySpace suicide case is perhaps the worst possible outcome, especially for security researchers and white-hat hackers, argues attorney and SecurityFocus contributor Mark Rasch. http://www.securityfocus.com/columnists/489 MD5 Hack Interesting, But Not Threatening 2009-01-05 When an international team of researchers unveiled the first practical attack on MD5-based digital certificates, they had decided not disclose to the issue to company most affected, VeriSign. Tim Callan, vice president of product marketing for the company, explains how, four hours later, VeriSign had eliminated any threat. http://www.securityfocus.com/columnists/488 Time to Exclude Bad ISPs 2008-12-09 The takedowns of Atrivo, EstDomains, and McColo show that the system for policing hosting providers is weak. It's time to form a group, including security researchers, to set standards, says SecurityFocus contributor Oliver Day. http://www.securityfocus.com/columnists/487 Standing on Other's Shoulders 2008-11-28 While security researchers like to highlight their differences with academic investigators, they should start emulating their more staid colleagues in one important way: crediting others, says SecurityFocus contributor Chris Wysopal. http://www.securityfocus.com/columnists/486 |
|
Privacy Statement |