Dailies
- Caoine
- Echoica
- Jina Bolton
- Lifehacker
- Overclockers Australia
- RiskAnalys.is
- Rory.Blog
- Schneier on Security
- Security Catalyst Community
- Security Ripcord
- Securosis.com
- Slashdot
- Whirlpool
Photos
Categories
- Books
- Computers
- Family
- Forensics
- General
- GTD
- Movies
- Music
- Profession
- Security
- University and Studies
- Web Development
Monthly archives
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- December 2006
- June 2006
- May 2006
- April 2006
- March 2006
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- February 2005
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
- April 2004
- March 2004
- February 2004
- January 2004
- December 2003
- November 2003
- October 2003
- September 2003
- August 2003
- July 2003
- June 2003
- May 2003
- April 2003
- March 2003
- February 2003
- January 2003
- December 2002
- November 2002
- October 2002
Search
Remind Me
This weekend has been so much slower than last and I can’t even begin to explain how good that is. I think the problem with last weekend was that it was the culmination of my sister’s birthday and mother’s day. Combine that with my family, Sara’s family, having to celebrate with my sister in silos to prevent interaction between my mum and dad.. it felt like we never stopped.
Today on the other hand had me up and about, but not rushing about, caught a coffee with my mum and wandered around the city prior to me ending up in the rehearsal room for 4 hours and then just spending some time catching up some Internet reading.
Some of the more interesting things from today’s reading include:
- The new Google Analytics. With all its revised Web2.0 web site statistic goodness. The only problem I have with the new version is the fact that it’s still so good at telling me how poor my hits are.
- Another Google statistic item, this time the Gapminder World 2006. Provides you more information on global statistics, for example life expectancy versus income per capita, than you can poke a stick at.
- Finally, the Remind Me video clip from Royksöpp. Saw this on the core77 blog and was really impressed with it. I love this style of art.
Posted by Christian 
Posted in: Computers, Family, General, Web Development 
3 Comments » 
19 May 2007
LM Hash Days All Over Again
This is a great article on a flaw in how aol.com handles passwords whereby the site would truncate passwords down to 8 characters.
Reminded me a bit of how the good ol’ Microsoft LM Hash worked.
Posted by Christian Posted in: Security No Comments » 9 May 2007
Security Priorities
I’ve been really enjoying darkreading as of the last couple of months and their recent article on Security’s Top Five Priorities is no exception. It’s also good that they mention that their recent findings are different from similar research they performed not more than five months ago. This is a clear sign of how volatile this industry is, and I guess why I find it so interesting.
In short their top 5 priorities are as follows:
- Portable Devices leading to unauthorised information disclosure OR malware introduction
- Web application security, especially as these are becoming ubiquitous and often slip through firewalls and IDS without too many problems
- Security leaks and insider attacks, good examples of how the old “egg-shell” paradigm just does not cut it these days, you can’t just install firewalls to block the Internet when you give your 100+ inside employees access to sensitive information without controls. This problem also steps outside the boundaries of technology which is quite nice.
- Endpoint security. This can mean so many different things but this article is talking directly about Network Admission/Access Control
- Botnets
Personally I’m surprised that Botnets made it into the list over something like compliance or security awareness training (read social engineering), but their sample base is probably quite varied and I guess a lot of ISP/Marketing type companies might rate Botnet threats quite high compared to other issues.
I also find it interesting how some of the items are so closely related, in particular portable devices, endpoint security and insider threats. These three threats, in many cases, would not exist without the other. A good example is software which may be used to place controls around authorised USB memory stick access, directly related to portable device security but also acting as an end-point control usually trying to minimise the likelihood of an insider taking away sensitive information. This is of course referring to end point security which is not directly network access based.
Another interesting point is how their results differ slightly from the most critical issues that were highlighted in the 2006 CSI/FBI Computer Security Survey, being:
- Data Protection, including classification, identification, protection and application software vulnerability security
- Policy and regulatory compliance
- Identity theft and leakage of private information
- Viruses and worms
- Management involvement, risk management, or supportive resources such as HR
Posted by Christian Posted in: Profession, Security No Comments » 5 May 2007
25
It’s been a little under a week since I turned 25 and I have to say I’m doing a fantastic job of making it last. I mean there is still some cake left in the fridge 6 days after!
As far as birthday presents go I was spoilt rotten, as usual, here is a pic of some of the goodies.
For birthday cakes I was lucky enough to receive not one, not two, but four different cakes. My favourite was easily the chocolate cake made by Sara and adorned with Strawberries!
In addition to being long lasting it’s also been a fantastically interesting week, work wise. It’s been the 2nd week of my new job and every day is exposing more challenges and more things which are interesting me. The more I get to know my colleagues the happier I am at the decision I made to shift into this job.
Posted by Christian Posted in: Family, General, Profession No Comments » 4 May 2007