Technical Analysis Group (TAG) - The Law Enforcement Tools and Technologies for Investigating Cyber Attacks
What are the technological impediments facing law enforcement when investigating and responding to cyber attacks, for which research and development might provide solutions?
Friday, January 17, 2003
Computer Secure-It, Inc.
Secure-It, Inc. has been providing the highest quality computer security products since 1983. With it's new array of computer security products including access control, motion alarms, tracking and recovery software, enclosures, and more, Secure-It knows it can be your one source for all your computer security solutions.
Secure-It, Inc. has been providing the highest quality computer security products since 1983. With it's new array of computer security products including access control, motion alarms, tracking and recovery software, enclosures, and more, Secure-It knows it can be your one source for all your computer security solutions.
Thursday, January 16, 2003
Transmeta builds crypto into Crusoe
Transmeta yesterday said it has begun sampling versions of its Crusoe TM5800 processor embedded with proprietary security technologies. The chip designer claims its approach offers increased security for wireless computing, protects sensitive data, "deters intellectual property theft" (read Digital Rights Management (DRM) Inside) and delivers tamper-resistant, x86 storage environments. Putting security onto the main processor increases security over existing multi-chip solutions, it argues. Initially, the TM580 will feature technologies including "secure hidden storage of confidential information" (initially tamper-resistant storage of crypto keys) and crypto acceleration. Transmeta's hardware support for DES, DES-X and Triple-DES is designed to accelerate security applications such as file and disk data encryption and the Internet Protocol Security (IPSec) algorithm commonly used in VPNs. The company reckons its processor architecture will make an extension of this to support the recently approved Advanced Encryption Standard (AES) straightforward. Intel and AMD plan to introduce security functions directly into their microprocessors, but Transmeta argues its ahead in building these technologies into chips thanks to its combined software and hardware approach to microprocessor design.
Transmeta yesterday said it has begun sampling versions of its Crusoe TM5800 processor embedded with proprietary security technologies. The chip designer claims its approach offers increased security for wireless computing, protects sensitive data, "deters intellectual property theft" (read Digital Rights Management (DRM) Inside) and delivers tamper-resistant, x86 storage environments. Putting security onto the main processor increases security over existing multi-chip solutions, it argues. Initially, the TM580 will feature technologies including "secure hidden storage of confidential information" (initially tamper-resistant storage of crypto keys) and crypto acceleration. Transmeta's hardware support for DES, DES-X and Triple-DES is designed to accelerate security applications such as file and disk data encryption and the Internet Protocol Security (IPSec) algorithm commonly used in VPNs. The company reckons its processor architecture will make an extension of this to support the recently approved Advanced Encryption Standard (AES) straightforward. Intel and AMD plan to introduce security functions directly into their microprocessors, but Transmeta argues its ahead in building these technologies into chips thanks to its combined software and hardware approach to microprocessor design.
Wednesday, January 15, 2003
Instant Insecurity: Security Issues of Instant Messaging
Instant messaging is an increasingly popular method for communicating over the Internet. Instant messaging (IM) is a real-time supplement to and, in some regards, a replacement for e-mailing. Unlike e-mail, instant messaging allows users to see whether a chosen friend or co-worker is connected to the Internet. Typically, the instant messaging service will alert a user if somebody on the user's list of correspondents is on-line. Instant messaging also differs from e-mail in that messages are exchanged directly almost instantly, allowing for a two-way communication in real-time.
Instant messaging is an increasingly popular method for communicating over the Internet. Instant messaging (IM) is a real-time supplement to and, in some regards, a replacement for e-mailing. Unlike e-mail, instant messaging allows users to see whether a chosen friend or co-worker is connected to the Internet. Typically, the instant messaging service will alert a user if somebody on the user's list of correspondents is on-line. Instant messaging also differs from e-mail in that messages are exchanged directly almost instantly, allowing for a two-way communication in real-time.
VOICE TRUST
VOICE.TRUST enables secure user authentication via the voice as a valuable alternative to unreliable password mechanisms or technologically complex and costly authentication systems. The easy-to-install VOICE.TRUST Server makes it possible for the user to authenticate himself via existing telephone hardware - secure, convenient and inexpensive.
VOICE.TRUST enables secure user authentication via the voice as a valuable alternative to unreliable password mechanisms or technologically complex and costly authentication systems. The easy-to-install VOICE.TRUST Server makes it possible for the user to authenticate himself via existing telephone hardware - secure, convenient and inexpensive.
Monday, January 13, 2003
How Warchalking Died
The purpose of this article is to explain how Warchalking has become obsolete. It is being replaced by Wi-Fi Zones that are being fueled by home networks, corporate networks, and even payphones. The internet will be all around you in all places but you won't ever need to care about Warchalking. Let's bury the idea and move along.
The purpose of this article is to explain how Warchalking has become obsolete. It is being replaced by Wi-Fi Zones that are being fueled by home networks, corporate networks, and even payphones. The internet will be all around you in all places but you won't ever need to care about Warchalking. Let's bury the idea and move along.
SLAM
Slam is a module based concept tool providing techniques of brute force logon. The slam concept is to inherit knowledge from previously executed modules and previously assased targets in order to gain as much access as possible with little information.
Slam is a module based concept tool providing techniques of brute force logon. The slam concept is to inherit knowledge from previously executed modules and previously assased targets in order to gain as much access as possible with little information.
Sunday, January 12, 2003
The Open Web Application Security Project
Invalidated parameters and broken access control are among the most serious security vulnerabilities in today's Web applications, according to a list released today by the Open Web Application Security Project (OWASP).
In an attempt to aid developers' project planning and boost security for Web sites, dozens of leading application security experts have devised a top 10 list of the most significant problems with Web apps today. These flaws are far from new but remain serious threats to enterprises.
For starters, information from Web requests isn't being validated before being used by a Web application, a situation being actively exploited by attackers. Similarly, authentication flaws can allow attackers to access user accounts and view or steal sensitive information.
Invalidated parameters and broken access control are among the most serious security vulnerabilities in today's Web applications, according to a list released today by the Open Web Application Security Project (OWASP).
In an attempt to aid developers' project planning and boost security for Web sites, dozens of leading application security experts have devised a top 10 list of the most significant problems with Web apps today. These flaws are far from new but remain serious threats to enterprises.
For starters, information from Web requests isn't being validated before being used by a Web application, a situation being actively exploited by attackers. Similarly, authentication flaws can allow attackers to access user accounts and view or steal sensitive information.
Subscribe to:
Posts (Atom)
