Disclosures Approaching White Noise

Whilst I’m fairly interested to see how “Compulsory Disclosure” may or may not make its way into the Australian Privacy Act, I’m wondering if it will also eventually lead to a state of constant white noise.

What I’m referring to is the constant stream of breaches that are posted by either the Attrition Data Loss feed, or the Educational Security Incident feed, or any other number of websites that post data breach or loss notifications, and how seeing a constant stream of these breaches really starts to make the impact seem less important.

It certainly gives you the feeling that the probability of your information being disclosed at some point is fairly likely so why don’t we just spray our credit card numbers on a wall?

Posted by Christian Posted in: Computers, Security No Comments » 31 October 2007

Web Application Security Professionals Survey

Jeremiah Grossman has posted another “Web Application Security Professionals Survey“.

Previous surveys results are pretty interesting, as seen here, and I do believe that a number of themes will be unchanged. Such as, developers still don’t know or care enough about security, and that the general feedback on the effectiveness of tools to help with web app security is far from flattering.

Posted by Christian Posted in: Computers, Profession, Security, Web Development No Comments » 29 October 2007

SQL Injection Comic

I know you’ve probably seen this around elsewhere, but this xkcd comic is just too funny not to post about.

It’s only occasionally that stuff gets to go up on the cubicle wall.

Posted by Christian Posted in: Computers, Security No Comments » 13 October 2007