Re: [SC-L] SearchSecurity: Mobile Security = Software Security
Hi Gary, I agree with everything you write in the article (although I was a bit peeved at having to register to read it...). It ties nicely in with a related topic that is being discussed a lot recently: The danger of QR codes, where people argue that you shouldn't scan QR codes with your smartphone, since you don't know where they take you, and you might get infected with something (as allegedly carried out by Th3 J35t3r a few months back). Again, this is discussing the wrong problem - why are we accepting to use smartphone browsers that fall over at the merest whiff of an attack? -Martin On 07/06/2012 02:29 PM, Gary McGraw wrote: hi sc-l, In April, my monthly [in]security column moved over to SearchSecurity (TechTarget). This month's installation appears in Information Security magazine as well as on the usual websites. Because of all of the great work Cigital has done in mobile security, there was plenty of fodder to draw from for a pithy article on mobile security. Take home message? Build security in! Every software security Touchpoint is relevant and useful when it comes to mobile security. Have a read, and pass it on. Pile on the hits: http://searchsecurity.techtarget.com/magazineContent/Gary-McGraw-on-mobile-security-Its-all-about-mobile-software-security Your feedback is always welcome. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiaceleague book www.swsec.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
Re: [SC-L] SearchSecurity: Mobile Security = Software Security
hi martin, Great to see you in Athens this week. Sorry about the registration thing. As an author, I get very little say in the matter. I hope you registered as Mickey Mouse or Bill Gates. gem On 7/15/12 2:50 PM, Martin Gilje Jaatun secse-ch...@sislab.no wrote: Hi Gary, I agree with everything you write in the article (although I was a bit peeved at having to register to read it...). It ties nicely in with a related topic that is being discussed a lot recently: The danger of QR codes, where people argue that you shouldn't scan QR codes with your smartphone, since you don't know where they take you, and you might get infected with something (as allegedly carried out by Th3 J35t3r a few months back). Again, this is discussing the wrong problem - why are we accepting to use smartphone browsers that fall over at the merest whiff of an attack? -Martin On 07/06/2012 02:29 PM, Gary McGraw wrote: hi sc-l, In April, my monthly [in]security column moved over to SearchSecurity (TechTarget). This month's installation appears in Information Security magazine as well as on the usual websites. Because of all of the great work Cigital has done in mobile security, there was plenty of fodder to draw from for a pithy article on mobile security. Take home message? Build security in! Every software security Touchpoint is relevant and useful when it comes to mobile security. Have a read, and pass it on. Pile on the hits: http://searchsecurity.techtarget.com/magazineContent/Gary-McGraw-on-mobil e-security-Its-all-about-mobile-software-security Your feedback is always welcome. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiaceleague book www.swsec.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___ ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] SearchSecurity: Mobile Security = Software Security
hi sc-l, In April, my monthly [in]security column moved over to SearchSecurity (TechTarget). This month's installation appears in Information Security magazine as well as on the usual websites. Because of all of the great work Cigital has done in mobile security, there was plenty of fodder to draw from for a pithy article on mobile security. Take home message? Build security in! Every software security Touchpoint is relevant and useful when it comes to mobile security. Have a read, and pass it on. Pile on the hits: http://searchsecurity.techtarget.com/magazineContent/Gary-McGraw-on-mobile-security-Its-all-about-mobile-software-security Your feedback is always welcome. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiaceleague book www.swsec.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
