Latest Posts

From hypothesis to action

It was a little over a year ago that I first heard this scenario described: a thief walks into a target organization, installs a wireless device, sets himself up next door and proceeds to have his way with the network. I proposed a twist on this scenario: use your favorite delivery service to ship a handheld wireless device to the target.

April 7, 2005 by Richard Stiennon

Comments

Here is a great idea

An article appearing out of the UK today states in part:Online gambling companies are urging ISPs to do more to prevent hackers disabling computers with distributed denial-of-service (DDoS) attacks.Quick refresher: Extortionists infect thousands of computers with remote control software (zombies, bots, Trojans) that allows them to execute targeted attacks against various e-commerce sites.

April 6, 2005 by Richard Stiennon

Comments

Best Microsoft Metaphor so far

I am still keeping tabs on the metaphors pundits are thinking up to convey the basic disconnect that arises when you think of getting security from Microsoft.

April 5, 2005 by Richard Stiennon

Comments

Dangerous exposure

If you read this blog last week you saw that several of the adware vendors have succeeded in getting their software on to a lot of machines. Almost 40 million in the case of Claria and 180Solutions for instance.

April 4, 2005 by Richard Stiennon

Comments

Hotels on the frontlines

A great article on the legal battles bewtween various ecommerce sites and adware vendors was just published here.My only problem with the article is the author, an attorney, confuses the harm caused by key word searches with the harm caused by having competing pop-ups delivered by adware.

March 30, 2005 by Richard Stiennon

Comments

Challenging hackers, bad idea.

In my time as a white hat hacker for a Big Eight (now Final Four) audit firm I was engaged to break into a large PC manufacturer. First we looked at their internal architecture and found it to be rock solid.

March 29, 2005 by Richard Stiennon

Comments

ISPs and carriers starting to "get" security

I was very happy to see the announcement of the Fingerprint Sharing Alliance this morning.I have long contended that ISP's and carriers abrogated their duty when they took the stance: "We're common carriers.

March 28, 2005 by Richard Stiennon

Comments

The Adware Market Report

Webroots’ advanced research lab has access to huge volumes of data on adware, system monitors, Trojans and cookies. The data is used to come up with the Top Ten Threats list.

March 27, 2005 by Richard Stiennon

Comments