Security

Tietoturva nyt! 2013 – data security now

Finnish Communications Regulatory Authority Viestintävirasto had a Tietoturva nyt! 2013 security seminar two weeks ago. Viestintävirasto has now published the seminar presentations. Most of the presentations are in Finnish, but there are also four presentations in English. If networking and cyber security interests you those are worth to check.

NSA Google Search Tips

There is so much data available on the Internet that even government cyberspies need a little help now and then to sift through it all. Wired article Use These Secret NSA Google Search Tips to Become Your Own Spy Agency tells that the National Security Agency produced a 643-page book Untangling the Web: A Guide

The age of the password is over?

You have a secret that can ruin your life. It’s not usually a well-kept secret. Kill the Password: Why a String of Characters Can’t Protect Us Anymore article tells that just a simple string of characters—maybe six of them if you’re careless, 16 if you’re cautious—that can reveal everything about you: Your email. Your bank

One Man Pinged the Whole Internet

What Happened When One Man Pinged the Whole Internet article tells about a home science experiment that probed billions of Internet devices reveals that thousands of industrial and business systems offer remote access to anyone. Moore’s census involved regularly sending simple, automated messages to each one of the 3.7 billion IP addresses assigned to devices

Spamhaus DDoS attacks

A fight between a spam-fighting group called Spamhaus and a Dutch Web host Cyberbunker has been called the biggest public DDoS battle in history in the news. Spam-fighting organization Spamhaus (helps to block spam from entering e-mail in-boxes) has been in a battle over the last week that has seen distributed denial of service (DDoS).

Automation systems security issues

Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services products such as electricity, natural gas, water, waste treatment and transportation. They used to be in closed networks, but nowadays more and more automation and control equipment are connected to Internet. Many of them are

Terrorism and the Electric Power Delivery System

Electrical grid is said to be vulnerable to terrorist attack. I can agree that electrical power distribution network would be quite vulnerable if someone tries to sabotage it and knows what to do. I know this because I design software and hardware for control systems for electrical companies. Some days ago I saw in Finnish

How Complex Systems Fail

Any real-world security system is inherently complex. Making them safe and secure is hard. Controlgeek Blog has an interesting pointer and summary on on a very interesting white paper How Complex Systems Fail. I also found his paper, which is only a few pages long, a fascinating read (like John Huntington and Schneier on Security).

Enterprise Network Firewall trends

2013 Gartner Magic Quadrant for Enterprise Network Firewalls give a view to current firewall markets: Gartner states, “Advances in threats have driven mainstream firewall demand for next- generation firewall capabilities. Buyers should focus on the quality, not quantity, of the features and the R&D behind them. This market includes mature vendors and new entrants.” Palo

Understanding Ajax vulnerabilities

Understanding Ajax vulnerabilities article is an introduction how to protect the web applications you create with Ajax. Because of its range of functions and ease of use, Ajax is one of the most widely used tools for building web applications today. All applications, including those built using Ajax technologies, are vulnerable to exploits that compromise