From Security Weekly Wiki
Jump to navigationJump to search
60 bytes added ,  22:26, 4 October 2007
no edit summary
[ Protecting Mobile users - ideas?] - [PaulDotCom] - Chris is right, we need to protect our mobile users. However, traditional methods such as logging on with user privs, A/V, anti-spyware, and firewalls just aren't enough. Malware is too smart, and users are too dumb. We almost need to wipe mobile users machines on a regular basis, and keep the data separate and protected. It would be a neat experiment, store all your data on an encrypted thumbdrive, then your machine gets wiped everytime you come back to the office... I know, I am the "Mad Security Geek".
  [ A nice healthy SQL Injection Exploit] - [PaulDotCom] - A notice to all companies producing web applications, when a vulnerability is found in your product, take down your demo site. [Larry] - I'll give you something nice and healthy to inject.
[ RFP Emerges, Speaks about disclosure] - [PaulDotCom] - According to RFP, testing someone else's web site is a no-no. Quote: ''"NO MATTER YOUR INTENTIONS, LOOKING FOR SECURITY VULNERABILITIES IN THIRD-PARTY WEB SITES (without permission) IS ILLEGAL PER THE LAWS OF YOUR COUNTRY. Period. "'' Whoa. This could go either way. I've seen some people be happy that you found a vuln in their web site, and I can definitely see it going the other way. Thoughts? Oh, and where has RFP been since 2003 anyway? BTW, check out some [ podcasts from Microsoft.]


Navigation menu