Holes in Leopard’s firewall
October 30, 2007
Although Apple is selling its new Mac OS X Leopard operating system on its improved security, researchers at Heise Security have already found fault with its firewall.
Leopard upgraders should be aware of this - while it’s easy to turn the Firewall back on, it is an oversight that Apple will need to address.
(Via CNET.com)
Is there really such a thing as “unbreakable” encryption?
October 25, 2007
Russian-based ‘password recovery’ company Elcomsoft has pressed the GPU into the service of password cracking.
While this may be small stuff compared to the ‘Storm Worm’ network, which potentially might have millions of compromised Windows PCs at its disposal, this puts brute-force password cracking within easy reach of the masses… which simply reinforces the fact that NOTHING on your computer is ever really completely ‘safe’.
(Via ArsTechnica & TechRepublic)
It’s time to install virtual throw-away PCs
October 14, 2007
I give up. You should too. It’s time to stop trying to secure users’ web browsers, and instead just throw them away. We can’t stop users from clicking on the wrong links or going to compromised websites. We can’t eliminate drive-by worm infections or block zero-day rootkits. But thanks to virtualisation, we can flush them all away.
I have been saying this in my consulting role for a while now - Frank Hayes is exactly right. Whoever is the first to productise this in a way that is easy and straightforward for users and Admins alike will do very, very well… Watch this space!
(Via Computerworld.co.nz.)
Report: Many evils lurk in the “dark corners” of the Internet
October 11, 2007
StopBadware.org’s ‘Trends in Badware 2007’ report identifies some of the most popular attack vectors currently in use by malware writers, while providing a good primer on the topic of malware for the non-technically-inclined.
This is an excellent report written in plain English - and awareness is an important part of the battle. Might be useful to give to anyone who doesn’t ‘get’ the technical stuff…
(Via Ars Technica.)
VMware shares secrets in security drive
September 17, 2007
Virtualisation vendor VMware has quietly begun sharing some of its software secrets with the IT security industry under an unannounced plan to create better ways of securing virtual machines.
This is an important step by VMware - while there are currently no known problems, they will come as virtual targets become more prolific…
(Via ZDNet Australia.)
The Internet Firewall: R.I.P.?
September 11, 2007
Is the Internet firewall headed for extinction? That was the intriguing subtext to a talk today by William Cheswick, a firewall pioneer. As a researcher at Bell Labs, he wrote an early technical paper on firewalls in 1990, ‘The Design of a Secure Internet Gateway,’ and in 1994 (with a second edition in 2003), he cowrote a classic text on the subject, ‘Firewalls and Internet Security.’
I completely agree with Cheswick’s philosophy - from what I constantly see in large enterprises (particularly Government), Firewalls are put everywhere out of paranoia - mostly causing a large number of headaches…
(Via nytimes.com)



