Security musings (reflectorium)
Sunday, September 19, 2004
  Bassajew and costs of terror attacks
I heard on the car radio the other day that Bassajew gave numbers on how much the recent terror attacks in Russia and Beslan cost him. I remember something like 9,600 USD for the Beslan terror attack (in which terrorists took pupils, teachers and parents hostage) and something like 7,000 USD and 4,000 USD for the suicide bombing in Moscow and the bombings of two Russian passenger planes.
Here are some links:

 
  All too true.. IT security officer in the c't cartoon..
in German ;-) http://www.heise.de/ct/schlagseite/04/20/ 
Saturday, September 18, 2004
  M$ Windows XP Professional Bugging Device?
Cccure has a list of 47 spots in Microsoft XP Professional that the anonymous author of that document thinks are cases of possible concern. (PARANOIA! on/off) - or maybe I'd say are "paranoia entry points"?
http://www.cccure.org/modules.php?name=News&file=article&sid=591
- While I think that most of them are quite irrelevant, it's probably not bad to adjust/verify personal paranoia levels on a Sunday morning..
 
  (in Germany:) The legal obligations and the responsibilities in case

From a posting by Bodo Hoffmann to cissp-ffm:
(in German)
http://www.surfcontrol.com/general/guides/SurfControl_RechtlicherLeitfaden.pdf
 
Friday, September 17, 2004
  A visual history of spam (and virus) email
..from the blog of Raymond Chen (who has kept every single piece of spam and virus email since mid-1997).  
Thursday, September 16, 2004
  German IT agency sets record straight on IE
There has been some noise after the German Information Security Agency (BSI) apparently hinted that using a non-Microsoft web browser might give you fewer security headaches. NetworkFusion is covering the current state (and some clarifications by the BSI) in an article called "German IT agency sets record straight on IE".
- As you could expect, the BSI is choosing some less harsh language.
The most interesting quote from it is: "Microsoft has responded to the developments by offering discounts to the country's vast public sector and agreeing to provide special assistance with software security."
Now - if I were the IT security agency chief of any country, wouldn't I just copy&paste the original BSI statements?? (and gain a hefty discount plus MS security consultancy package for my people??)
 
  Minimization of network services on Windows systems
Very interesting reading. - I found it at the TAO security blog, which also has a nice summary.
 
  The CISSP secret hand shake
For all who have wondered - there is indeed a secret handshake to recognize fellow CISSPs.
From a post by Mark Lachniet to cissp-forum (a high profile, highly professional closed list):
"It's just like the gangster handshake - fist (above), fist (below), fist horizontal. Then you say "wondertwin powers activate - shape of a risk assessment methodology" and "shape of a properly configured and managed IDS system""

From personal experience, you are supposed to order beers right after saying this...

 
Wednesday, September 15, 2004
  "Gmail-is-too-creepy"
http://gmail-is-too-creepy.com/
for what it's worth. I haven't checked the allegations made at the link above, so take them with a grain of salt.
Also, http://www.gmx.de/ has largely increased its free webmail quota to 1 GB, see here.
- Gmail is Google's mail service.
 
Monday, September 13, 2004
  TAMU 1999 Bonfire Disaster - a management tale on why proactive risk management matters
Texas A&M - or "Aggieland" - is a rather well-known US university with a (military-style pre-) "school of cadets". It's home to the George Bush Presidential Library, very close to the Bush family's ranch and a somewhat peculiar place. I spent quite some time in and around campus in '93-'96.
Texas A&M is well-known for its football team, its inherent disdain for the University of Texas (at Austin) and the "team spirit" of its students and honored traditions.
Up to 1999 one of the key traditions was the annual Bonfire - which developed into a major three-story construction. - I always had the feeling that more wood was burned in that fire than was used as paper at that place.

In 1999, the bonfire collapsed, killing several people. The university was pressured to launch an in-depth investigation, which came up with quite shocking findings.

See: http://www.tamu.edu/bonfire-commission/reports/

I think this is a really good story that demonstrates just how important proactive risk management is.

Some quotes from the final report:
Lack of a written Bonfire design or construction methodology is in the Commission’s view both an important barrier failure and very relevant to the collapse. This deficiency has resulted in multiple design changes year-to-year, no established process for design reviews, and no documentation of critical design factors. This was clearly evidenced in interviews with University officials and students. On numerous occasions, interviewees described a world in which design decisions were made with no written guidance, no formal reviews, and no knowledge of critical design factors.
 
Saturday, September 11, 2004
  Breach! Breach! - http://www.ratemynetworkdiagram.com
This is a strange site: http://www.ratemynetworkdiagram.com/
I wonder just who's putting stuff up there - and what is it for?
- A honeypot for the dim-witted?
Or some dating site for nerds? =)))
 

