The Building Security In Maturity Model (BSIMM) is a new model, a „collection of good ideas and activities that are in use today“, for determining the state of software security in an organisation. This maturity model provides a way to compare your internal security model to the best available industrial standards.
Try this captcha.
Old, but good: Marcus Ranum’s „The Six Dumbest Ideas in Computer Security“.
We had (!) such a lock at the office, but it was removed and replaced by a much more secure device 😉
These are the kinds of attacks/hacks I really appreciate, because they make us more secure. This demo shows us how easy it is to break devices that are marketed as secure, within seconds and without great financial effort. These are facts attackers already know very well.
This article in Technology Review (German) describes the emerging problems of infrastructure assets like power plants when they are connected to the internet for economic reasons. When SCADA systems are controllable remotely, we will experience serious attacks in the future.
But attacks are not the only danger. The more connected computers and software are, the more they like to communicate and start autonomous actions like software updates. These updates can trigger all sorts of weird effects, like shutting down services (or the whole plant) or leaving the system defective.
It’s not always a good idea to interconnect. The more links a network has, the more complex it is to handle and monitor. So please let’s honor the air gap in such cases, ok?
For those of us who didn’t know this: Built-in Windows Command-Line Security Tools. „Built-In“, haha …