January 20, 2005

German court rules email blocking ‘illegal’

Filed under: Security

The Higher Regional Court now has ruled that blocking email by content is unlawful as it is considered confidential in German law. Blocking is only allowed when, say, a viral attack is imminent. The implications of the ruling aren’t yet fully clear. Whether the Higher Regional Court has unintentionally legalised spam (which frequently is filtered by content) remains to be seen.

Valdis Kletnieks: Writing Secure Code

Filed under: Security

On Tue, 18 Jan 2005 14:31:39 EST, “Sigmon Cheri Y Civ 82 CSS/SCPD :: Software Dev” said:

Item: The “ongoing” debate among choices of open source vs. proprietary (all companies’) solutions, not just the major players in the industry.

I’m certain you’ve seen similar situations… where there are groups of people who are very opinionated one way or the other. My concern is the best solution(s) security-wise, regardless of the source. Any comments? From a broad-brush perspective?

Define “best”.

Most secure, no matter *how* hard it is to use? There’s some pretty bad-ass MLS systems available - and they’re often a royal pain to *do* anything (because you keep finding you can’t easily get around some compartmentalization feature that’s intentionally getting in your way). This one’s easy. Turn it off, encase it in a large concrete block, and dump it into the Marianas Trench. Quite secure, but not very useful. (Apply some thermite along the way if you’re *really* paranoid).
[...]
Remember that security is a process, and a balancing act. Let’s say your security budget is S, the cost of an incident is C, and the likelihood of an incident is P. If you can make S = C*P, you have perfect security (if S is greater, you’re spending too much, and if S is lower, you could still save money by increasing S). Those of you who want to model multiple events and costs can generalize it to a summation across all C(sub n)*P(sub n).

The really mathematically astute will realize that (a) if you’re bothering with the summation, the function quite possibly has multiple local maximums and minimums, and (b) the exact location and value of said inflection points of the curve depend on coefficients that are basically non-measurable, and you’re left making educated guesses (“What’s the % chance per year of compromise of a fully patched Windows box with an idiot user, and the % chance for a box that’s missing some patches, but has a user who doesn’t click on every “ooh shiny?” and the ever-favorite “What’s the least costly (money, people time, political brownie points) way to convince a particular Very Important Butthead to buy in to a specific proposal, or should we just punt and do things some way that V. Butthead will go along with?”)
[...]
Read more at SecProg@SecurityFocus.com.
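A worked version of the S = C*P balancing act from the quoted post, as an added example that is not part of Valdis’s message or of this blog. It carries the per-scenario summation he mentions through in code, and treats each P(sub n) as a range rather than a point, since the coefficients are, as he says, basically non-measurable: the answer for a given budget is then “underspending”, “overspending”, or “inside the uncertainty band”. The scenarios, costs and probability bounds are constructed sample values, not figures from the page.

```c
#include <stddef.h>
#include <stdio.h>

/* One loss scenario: cost C of an incident and an estimated yearly
 * probability range [p_low, p_high], because P is rarely a measurable point. */
typedef struct {
    const char *name;
    double cost;    /* C(sub n) */
    double p_low;   /* lower bound on P(sub n) */
    double p_high;  /* upper bound on P(sub n) */
} scenario_t;

typedef struct {
    double low;
    double high;
} loss_range_t;

/* Constructed sample scenarios (not data from the page). */
static const scenario_t sample_scenarios[] = {
    {"fully patched desktop, careless user",   20000.0, 0.05, 0.20},
    {"unpatched desktop, careful user",        20000.0, 0.10, 0.40},
    {"internet-facing server",                200000.0, 0.01, 0.05},
};
#define N_SAMPLE (sizeof sample_scenarios / sizeof sample_scenarios[0])

/* Sum of C(sub n)*P(sub n) over all scenarios, evaluated once at the low and
 * once at the high probability estimates: an interval for expected annual loss. */
loss_range_t expected_loss_range(const scenario_t *s, size_t n) {
    loss_range_t r = {0.0, 0.0};
    for (size_t i = 0; i < n; i++) {
        r.low  += s[i].cost * s[i].p_low;
        r.high += s[i].cost * s[i].p_high;
    }
    return r;
}

/* Compare budget S with the interval: -1 = below it (you could still save
 * money by spending more), +1 = above it (spending too much), 0 = inside the
 * band, where the non-measurable coefficients decide and the model cannot. */
int budget_verdict(double budget, loss_range_t r) {
    if (budget < r.low)  return -1;
    if (budget > r.high) return 1;
    return 0;
}

/* Small helpers so results can be checked without recomputing the sums. */
int approx_eq(double a, double b) {
    double d = a - b;
    if (d < 0) d = -d;
    return d < 1e-6;
}
double sample_loss_low(void)  { return expected_loss_range(sample_scenarios, N_SAMPLE).low; }
double sample_loss_high(void) { return expected_loss_range(sample_scenarios, N_SAMPLE).high; }
int sample_verdict(double budget) {
    return budget_verdict(budget, expected_loss_range(sample_scenarios, N_SAMPLE));
}

int main(void) {
    static const char *labels[] = {"below band: underspending", "inside band", "above band: overspending"};
    double budgets[] = {3000.0, 10000.0, 30000.0};
    loss_range_t r = expected_loss_range(sample_scenarios, N_SAMPLE);
    printf("expected annual loss: %.0f .. %.0f\n", r.low, r.high);
    for (size_t i = 0; i < sizeof budgets / sizeof budgets[0]; i++)
        printf("S = %6.0f -> %s\n", budgets[i], labels[budget_verdict(budgets[i], r) + 1]);
    return 0;
}
```

The useful output is the width of the band, not the point estimate: with the sample bounds the expected loss is anywhere from 5000 to 22000 a year, so a budget of 10000 can be argued either way, which is exactly the “educated guess” situation the post describes.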

Honey, Where’s My Jump Bag?

Filed under: Security

[Sidebar: Fill Your Jump Bag]

A “jump bag” is a collection of critical items you might need during crisis response when an attacker invades your network. It should contain these items:

  • Tape recorder or minidisk
  • Backup media
  • Binary backup software
  • CDs with statically linked binaries of critical OS executables
  • Forensic software
  • Windows NT and 2000 resource kits
  • Bootable CD-ROMs
  • USB token memory device
  • External hard drive
  • Small hub
  • Patch cables
  • Laptop with dual operating system capability
  • Call list and cell phone
  • Plastic baggies for handling evidence
  • Extra notebooks for taking notes

A jump bag is not only needed when an attacker invades my network but for any critical situation — for example, when one partition of my fiancée’s hard drive crashed a few days ago and she had almost 18GB of important data on it.

At that time I had no tools at hand, so it took me approximately 3 hours to recover the data (~45 minutes of that spent searching for the proper recovery software). After that incident, I realize how important having a jump bag is, and I am thinking of putting one together in the near future.

January 19, 2005

NUKIDO: Various Local Vulnerabilities in Mac OS X 10.3.x

Filed under: Security

Several kernel level bounds checking vulnerabilities were found during an audit performed by the Immunity team on the recent Darwin kernel xnu-517.7.7. These vulnerabilities are mostly in user to kernel memory copy operations and also in allocation of kernel memory driven by user supplied size value(s).

Well, they also put an interesting bug in at(1). Actually, I am still wondering how someone can take advantage of /etc/master.passwd in multi-user mode. The /etc/master.passwd file is consulted when the system is running in single-user mode. At other times this information is handled by lookupd. By default, lookupd gets information from NetInfo, so this file will not be consulted unless someone has changed lookupd’s configuration.

BTW, Mac OS X 10.3.7 is still using a buggy version of sudo. Last week I received a reply from the Apple Product Security Team; they said my information has been passed along to their engineering team for further analysis.
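The class of bug described in the first paragraph of this post, a user-supplied count driving a kernel allocation and a user-to-kernel copy, shown as an added example of the checked pattern a handler should follow. This is not code from the Immunity advisory, from the xnu kernel or from this blog; the entry type, the MAX_ENTRIES cap, the errno-style codes and the mock copyin() over a fixed user_space buffer are all constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a record passed from user space (hypothetical). */
typedef struct {
    uint32_t id;
    uint32_t flags;
} entry_t;

#define MAX_ENTRIES 64   /* hard cap on how many records one request may carry */

/* Error codes modelled on errno values a syscall would return. */
enum { KOK = 0, KENOMEM = 12, KEFAULT = 14, KEINVAL = 22, KEOVERFLOW = 75 };

/* Mock "user address space": copyin() succeeds only for ranges inside it,
 * mimicking the fault a real kernel takes on an invalid user pointer. */
static unsigned char user_space[4096];

static int copyin(size_t uoff, void *kdst, size_t len) {
    if (uoff > sizeof user_space || len > sizeof user_space - uoff)
        return KEFAULT;
    memcpy(kdst, user_space + uoff, len);
    return KOK;
}

/* Step 1: validate the user-supplied element count BEFORE it drives an
 * allocation. Two independent checks are needed: the multiplication
 * count * elem_size must not wrap (a wrapped size allocates a tiny buffer
 * that a later per-element loop overruns), and the count must stay under
 * the cap the handler is designed for. */
int validate_count(size_t count, size_t elem_size, size_t *bytes_out) {
    if (count > SIZE_MAX / elem_size)      /* count * elem_size would wrap */
        return KEOVERFLOW;
    if (count == 0 || count > MAX_ENTRIES) /* outside the supported range */
        return KEINVAL;
    *bytes_out = count * elem_size;
    return KOK;
}

/* Step 2: allocate exactly the validated size, copy from user space with the
 * same length, and release the buffer if the copy faults so nothing leaks. */
int copyin_entries(size_t uoff, size_t count, entry_t **out) {
    size_t bytes;
    int err = validate_count(count, sizeof(entry_t), &bytes);
    if (err != KOK) return err;
    entry_t *buf = malloc(bytes);
    if (buf == NULL) return KENOMEM;
    err = copyin(uoff, buf, bytes);
    if (err != KOK) { free(buf); return err; }
    *out = buf;
    return KOK;
}

/* Scratch variables so callers can check results without declaring their own. */
size_t scratch_bytes;
entry_t *scratch_entries;

/* Constructed scenario: user space holds three records; the handler copies
 * them in and the third one must arrive intact. Returns KOK on success. */
int demo_copy_three(void) {
    entry_t src[3] = {{1, 0x1}, {2, 0x2}, {3, 0x4}};
    memcpy(user_space, src, sizeof src);
    entry_t *got = NULL;
    int err = copyin_entries(0, 3, &got);
    if (err != KOK) return err;
    int ok = got[2].id == 3 && got[2].flags == 0x4;
    free(got);
    return ok ? KOK : -1;
}

int main(void) {
    printf("3 entries:           %d\n", demo_copy_three());
    printf("65 entries:          %d\n", validate_count(MAX_ENTRIES + 1, sizeof(entry_t), &scratch_bytes));
    printf("SIZE_MAX entries:    %d\n", validate_count(SIZE_MAX, sizeof(entry_t), &scratch_bytes));
    printf("bad user pointer:    %d\n", copyin_entries(5000, 3, &scratch_entries));
    return 0;
}
```

The order of the two checks in validate_count matters when the cap is large or configurable: if only the cap were checked, a count just under a big cap could still wrap the multiplication on a 32-bit kernel, which is why the overflow test is independent of MAX_ENTRIES.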

January 10, 2005

BS7799 Lead Auditor Course

Filed under: Security

Starting today until January 14, 2005, I’ll be attending the BS7799 Lead Auditor Course organized by Bellua in association with Bureau Veritas, at the Gran Melia Hotel, Jakarta. The course is intended for all those who wish to undertake and eventually lead audits of Information Security Management Systems. It is also useful for those interested in the implementation of BS7799. It is essential for those wishing to register with IRCA as an ISMS Auditor.

January 7, 2005

Honeynet Project Report: Trend Analysis

Filed under: Security

The Honeynet Project just released a report about the security of Linux. The life expectancy of Linux has lengthened dramatically since 2001 and 2002, the project said, from a mere 72 hours two and three years ago to an average of three months today.

Why? There are several explanations for that:

  1. Default installations of Linux distributions are becoming harder to compromise.
  2. The primary threat is changing from machine-focused to human-focused.
  3. Based purely on economies of scale, attackers are targeting Win32-based systems and their users.
  4. Windows, through piracy and low-cost distributions in developing countries (such as China), has increased market penetration.

Tsunami email scams

Filed under: Security

The FBI is warning that fraudsters are using internet scams in the aftermath of the Asian tsunami disaster. The agency is warning of phishing websites claiming to be for relief charities, and emails offering to find victims for a fee or requesting that money be deposited in overseas accounts. Perhaps most appalling, those who have appealed online for information about missing friends and relatives are being contacted via email by opportunists proposing to investigate, in exchange for a hefty retainer.


January 6, 2005

Spam Punishment Doesn’t Fit the Crime

Filed under: Security

I hate spam! Mark Rasch’s column reminds me of De Raadt’s opinion on how to stop spam, given during a free chat at the last HITB. He said, “Just go to the spamhaus database, select the top 6 spammers, execute them and repeat for 6 months”. I agree that it is not a democratic approach to solving problems, but to be honest I like that crazy idea.

January 5, 2005

How can I trust Firefox!

Filed under: Security

I know it’s a bit late to write about “How can I trust Firefox!”, but that article is very interesting to read.

It is quite obvious: When you get executable files of any kind from a source you don’t trust, you cannot know what they really do. Even if such a program does exactly what its offerer says, it can do more. It can monitor all your activities and send to its offerer not only your internet behaviour profile, but also all passwords you use, addresses from your electronic address book, documents you work on, and everything from your computer which it considers interesting. Or it can just contain a virus which destroys all of your data (or maybe not even all, maybe only the most important of it). Never use untrusted executable files.

You can significantly improve the security of your systems. Go read Microsoft’s 10 Immutable Laws of Security.
