My wife called herself a “blog widow” this weekend. She says more and more often she wakes up in the middle of the night and finds my side of the bed empty. She investigates and finds me at my laptop in the living room blogging or researching for a blog post. I guess it is better […] ↓ Read the rest of this entry…
If you have me on your blogroll, can you make sure to change your link to the new domain when you get the chance? Trying to get my link count back up. Because you know it is all about me, right? Thanks. Vet
Roger Grimes has an article at InfoWorld about the size of passwords versus the complexity. I agree with Roger’s assertion that password length is the better than complexity. I have been told by many a security consultant to make the third character a special character, or make the fifth character uppercase, blah blah blah. This […] ↓ Read the rest of this entry…
I decided to start using Feedburner to publish my feed so I can try to track who is subscribing. If you are a current feed subscriber, I would appreciate it if you would switch your subscription when you get a chance. The new feed is at http://feeds.feedburner.com/AnInformationSecurityPlace. Or you can get the link from the […] ↓ Read the rest of this entry…
For my blogging friends out there using WordPress, take serious note of this post from Darknet. Seems like all versions of WordPress below 2.0.3 are vulnerable (2.0.4 should be coming out very soon) to a flaw in the Subscriber functionality. If you require people to register before they can comment, then you need to make […] ↓ Read the rest of this entry…
Just got through reading this article at Security Focus. So basically, fuzzers are becoming more and more prominent in finding flaws in applications (they have been around a while, but they are now gaining notoriety with the general populace). More and more flaws are coming out on all sorts of applications, but the main focus […] ↓ Read the rest of this entry…
When I first started blogging, I searched around the Web for advice on how to be a success. One of the keys, so I was told, was to post often. Another bit of advice I found was to NOT apologize if you don’t post for a while.  But I am going to ignore the above advice […] ↓ Read the rest of this entry…
Bear with me here. I drove a tank in my Army days, and one of the things I learned was that the M1A1 Abrams tank was built with a low profile so it would be less visible to the enemy. But notice one word in that sentence: enemy. You don’t build it with a low […] ↓ Read the rest of this entry…
OK, I am usually fairly impressed by InfoWorld’s articles and other writings. I get the magazine, I subscribe to their news feed.  But this InfoWorld article read like it should be in the Times or something. They put a title of “Hackers Striking Databases in Record Numbers”, give us a couple of stats, and then go […] ↓ Read the rest of this entry…
So the question is this: who is to blame when a crime is committed? Do you convict the gun or the crook when he robs a bank? Do you convict the crowbar or the crook when he pries open the door to a home and steals the jewelry? Do you convict the brick or the crook […] ↓ Read the rest of this entry…
I have posted a couple of times on how to be a successful security admin / manager (here and here). Well, here is another one (ok, enough of the groans). So, here is today’s advice: stick with the tried and true security. There are methods of security that have been tested for quite a while […] ↓ Read the rest of this entry…
You may see the theme of the blog change a few times in the next weeks. I am experimenting still over here, but I just didn’t have the patience with or the faith in Blogger with all the issues they have been experiencing. Please have patience with me. If you have any advice on a […] ↓ Read the rest of this entry…
I have to make some comments on this post I found on a law blog I peruse. I know this is not directly related to Information Security, but it related to security in general, so I have to make some comments. Basically, the author of this post (Dan Filler) is making the argument that the […] ↓ Read the rest of this entry…
The Success of the UTM I have been on a kick about what security admins and managers have to do to sell security. And I posted a huge list the other day to help those same admins and managers start their own list of duties so they could get organized and possibly show the boss […] ↓ Read the rest of this entry…
Here’s what I usually listen too on late nights at work. Â
Cleanflicks has lost to the movie industry in this case. Basically, they can no longer edit the bad stuff out of movies and redistribute. What surprised me to a degree was the the movie industry did not use DMCA as an argument. Go here to see the likely reason why.
First, let me say that though I can definitely see some bad points to NetNeutrality, I am in favor of it. I am not a fan of new laws in general, especially the way our government tends to screw things up. But something in some form needs to be done to keep the big boys […] ↓ Read the rest of this entry…
A few weeks back, I posted about what a security admin / manager should do to sell security to the execs and the general user populace at his or her organization. It contained no technical advice. Basically, it said to be social and was meant to be a first step in getting the people to […] ↓ Read the rest of this entry…
I just discovered David Bianco’s InfoSec blog, called Infosec Potpourri , via a post on joatBlog. I like Mr. Bianco’s technical posts. He gives some good info on network monitoring. From what I have read, it seems to be a practical security blog with good advice and pointers. As I was reading, I came across […] ↓ Read the rest of this entry…
©0-2012 An Information Security Place | Powered by WordPress with Easel | Subscribe: RSS | Back to Top ↑