http://blogs.securiteam.com Thoughts about the world of security Thu, 09 Feb 2012 19:00:31 +0000 http://backend.userland.com/rss092 en C'mon, fess up.  Who did the discovery protocol for Windows Universal Plug and Play? Was it supposed to work for USB? Windows has always been annoying in regard to USB.  I've had it "forget" mice and jump drives (sometimes never to accept them again on that port).  I've had a port "locked" ... http://blogs.securiteam.com/index.php/archives/1594 A few more places to find books. Bookyards - unfortunately, these seem to be limited to what you could find on Gutenberg, and they are in PDF. Mobipocket - at least these are in .mobi format. Baen - they've done a lot of their back catalogue. Bookmonk - interesting site, graphical links, for those ... http://blogs.securiteam.com/index.php/archives/1593 Except it won't be. I'm assuming the reporter who quoted the statement in the title as coming from the Davos "Global Shapers" group was trying to make his own headline. Hey, that works (I even used it myself). But this is not the first time we've been warned about the Armageddon ... http://blogs.securiteam.com/index.php/archives/1592 A new study notes that "scholarly" academic journals are forcing the people who want to publish in them (the journals) to add useless citations to the published articles.  OK, this may sound like more academic infighting.  (Q: Why are academic fights so bitter? A: Because the stakes are so small.)  ... http://blogs.securiteam.com/index.php/archives/1591 Today a Conservative Canadian Senator made a rather bizarre suggestion about giving convicted murderers a rope, and allowing them to hang themselves.  (No, I'm not kidding.  But he later retracted the statement.) But, never let it be said that we couldn't look at ideas, regardless of how they come.  Moral repugnance ... http://blogs.securiteam.com/index.php/archives/1590 BKZERODY.RVW   20111213 "Zero Day", David Baldacci, 2011, 978-1-4555-0414-5, U$29.99/C$32.99 %A   David Baldacci www.DavidBaldacci.com %C   237 Park Ave, New York, NY   10017 %D   2011 %G   978-1-4555-0414-5 0446573019 %I   Hachette Book Group %O   U$29.99/C$32.99 %O   Audience n- Tech 1 Writing 2 (see revfaq.htm for explanation) %P   643 p. %T   "Zero Day" At one time, in information security terminology, "zero day" meant a measure ... http://blogs.securiteam.com/index.php/archives/1589 A vendor speaking at a conference (is there any other kind of presentation at conferences these days?) has made a call for a new standard for information security awareness training. " ... the way to do this is via a new infosecurity standard that solely focuses on training and awareness and ... http://blogs.securiteam.com/index.php/archives/1588 Recently I was discussing the use of technology in education, when an odd (to me) question came up.  It was about the use of ebooks.  That wasn't really high on my radar on the tech-in-ed landscape.  When I started (good grief, more than 30 years ago) the use of computers ... http://blogs.securiteam.com/index.php/archives/1587 An item for discussion: I've see this stuff in some recent reports of lawsuits.  First people started using social media, for social things.  Then corps decided that socmed was a great way to spam people without being accused of spamming.  Then corps suddenly realized, to their horror, that, on socmed, people ... http://blogs.securiteam.com/index.php/archives/1586 One of the most common definitions for the term DLP (Data Loss Prevention or Data Leakage Prevention) is “systems that identify, monitor, and protect data through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing and recipient/destination and so on) and with a centralized ... http://blogs.securiteam.com/index.php/archives/1585 You can, of course, just buy books from Amazon.  It's pretty easy: you choose the book, arrange payment, click on a link to send it to your Kindle, and, next time your Kindle is connected to a wireless network you choose "Sync & Check for Items" from the menu on ... http://blogs.securiteam.com/index.php/archives/1584 It seems like nowadays China is the immediate suspect when it comes to hacking attempts or cyber espionage. It's therefore interesting to know that they are suffering from as much internal attacks as anyone else. The 'cyber security china 2012' is organized with ISC2, which is typically a good indicator for ... http://blogs.securiteam.com/index.php/archives/1583 A few random observations along the way: The Kindle has rebooted spontaneously a couple of times since I got it, and sometimes it refuses to connect to wireless unless it gets rebooted.  Since the device is so simple, I would have thought that this shouldn't be a major process, but it ... http://blogs.securiteam.com/index.php/archives/1582 Even before I was given a Kindle, I was vaguely interested.  I use my local library a lot, and review and annotate stuff on their new system.  Recently the library has been pushing the fact that ebooks are available for borrowing.  In fact, they had a meeting about e-readers (which, ... http://blogs.securiteam.com/index.php/archives/1581 BKZERDAY.RVW   20111109 "Zero Day", Mark Russinovich, 2011, 978-0-312-61246-7, U$24.99/C$28.99 %A Mark Russinovich www.zerodaythebook.com markrussinovich@hotmail.com %C   175 Fifth Ave., New York, NY   10010 %D   2011 %G   978-0-312-61246-7 0-312-61246-X %I   St. Martin's Press/Thomas Dunne Books %O   U$24.99/C$28.99 212-674-5151 fax 800-288-2131 %O   josephrinaldi@stmartins.com christopherahearn@stmartins.com %O  http://www.amazon.com/exec/obidos/ASIN/031261246X/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/031261246X/robsladesinte-21 %O   http://www.amazon.ca/exec/obidos/ASIN/031261246X/robsladesin03-20 http://www.amazon.com/gp/mpd/permalink/m3CQBX46DOK0AK/ref=ent_fb_link %O   Audience n Tech 1 Writing 1 (see revfaq.htm for explanation) %P   328 p. %T   "Zero Day" Mark Russinovich ... http://blogs.securiteam.com/index.php/archives/1580 And here, I thought I was finally famous.  It's so disappointing. I got a "Weekly Follow-up from the National Academic Association."  I suppose it doesn't really matter that I'd never heard of them, let alone weekly, because it came from the "Academic Association." "Hello Candidate," it starts, and goes on to tell ... http://blogs.securiteam.com/index.php/archives/1579