Re:A much bigger problem (Score:4, Interesting) by MightyYar ( 622222 ) writes: on Sunday September 11, 2005 @08:21PM (#13534617) I'm a luzer as well, and I frankly find IT's antics pretty So in the current market, the consumer (us) has no leverage to change things. Marcus J. But most people treat them as a solution, and therein lies the problem.

Action is better than Inaction - Somewhat valid. mjr. But, as you say, it's nowhere *near* that simple. I hope you guess my name... • September 13, 2005 4:23 AM @ Pat Callahan (I'm not picking on you, I'm just responding to this blog backwards). >@ Davi > >What

Enumerating Badness This is why blacklists are, and always will be, a bad idea. Wrong! Reading this article gives very little clue as to how to construct a good balance. Bruce has posted quite a few notes on things like the "Trusted Computing Platform" here himself...

If "Educating Users" is the strategy you plan to embark upon, you should expect to have to "patch" your users every week. Maybe as hacking becomes more strongly associated with flat-out stealing, this will change. Smoke and mirrors works for a while (sometimes a long while) but eventually people get tired of always being victims. Marcus Ranum Bateson's second He further goes on to a brilliant analysis of the Pavlovian study of dogs in terms of the dog's view of the context; and, how the dog's context is

Most people look at a computer as an appliance, not a platform for building tools. Default Deny on a desktop, especially personal ones, is a broken, unmaintainable, BAD idea. Chris Walsh • September 9, 2005 4:25 PM Q: " So what exactly are these Good Engineering practices? " A: http://tinyurl.com/95ffq (Ross Anderson's _Security Engineering_, Viega and McGraw's _Building Secure Software_)

I have a pretty strong personality and a thick skin, but after a while, I gave up. However, if there are no early adopters, there will be no innovation. Penetrate and Patch Security starts from the inside, not the outside. To illustrate, ask yourself this question: why do most corporate computer users have permissions on their computer to download and execute arbitrary programs?


I loved it. Then companies got involved, certifications/courses/books appeared, pentesting became a business... I moved to another field, for the very reasons MJR explained in his editorial. Everyone wanted to be "secure", but no one https://it.slashdot.org/story/05/09/11/1716205/the-six-dumbest-ideas-in-computer-security On my webservers... (Score:5, Interesting) by Space cowboy ( 13680 ) * writes: on Sunday September 11, 2005 @04:54PM (#13533678) Journal I patch PHP to set This is the conventional wisdom and with today's generally weak network protocols and poor host security it's probably correct.

In the "Minor Dumbs" section, he writes: "Operating systems have security problems because they are complex and system administration is not a solved problem in computing." That, to me, seems to virus scanners and default permit firewalls.. What does making water balloons have to do with preventing a computer infection? I'm not an anti-corporate person by any means, and I do think that by and large corporations are run fairly ethically (maybe I'm deluding myself on this point).

If you use Outlook or webmail, occasionally you might get a warning that your password will expire in n days. They didn't have one... It's not that much harder to do than "Default Permit" but you'll sleep much better at night. #2) Enumerating Badness Back in the early days of computer security, there were only Not only is "Enumerating Badness" a dumb idea, it's gotten dumber during the few minutes of your time you've bequeathed me by reading this article.

Except, things are pretty much the same, or even worse if one considers his point on perception of hacking: "hacker culture" has become even "cooler", and strangely synonymous with "freedom". The media plays directly into this, by portraying hackers, variously, as "whiz kids" and "brilliant technologists" - of course if you're a reporter for CNN, anyone who can install Linux probably What has it been? 2 or 3 a month for 10 years?

Thus, no more executables bearing viruses disguised as documents.

Read what he says at the end: "Good Engineering is Cool" but so far there is no sign that's likely to happen. As far as I'm concerned, they are both Katrinas waiting to happen. DailyDave (Score:3, Interesting) by tiny69 ( 34486 ) writes: on Sunday September 11, 2005 @04:55PM (#13533686) Homepage Journal There's already been some entertainment over Marcus's article

This still ranks as number one. Just because you may not understand how something can be done, does not mean that it is impossible :D Kevin Davidson • September 9, 2005 3:25 PM My copy of Norton Hacking is cool because it demonstrates our ability to manipulate our environment, to do things that are supposed to be impossible through ingenuity. Progress is good, but careful progress is even better.

Call me biased, but somehow I don't think it would. User friendliness versus security is not necessarily a one-to-one tradeoff. URI positive validation is something already widely in practice in anti-phishing and anti-spam engines, and it is not always complex. Tanks can be made invulnerable on the roads using cryptography.