Re: [SC-L] Choices

2004-11-16 Thread Nick Murison
On Mon, Nov 15, 2004 at 10:16:46PM -0800, Crispin Cowan wrote: > Jeff Williams wrote: > >Not to be crass, but what most consumers care about is what the vendors > >tell > >them to. It's all about the market. Currently, the market is stuck where > >vendors don't disclose anything about the security

Re: [SC-L] How do we improve s/w developer awareness?

2004-11-16 Thread Nick Murison
[ Apologies to moderator for the resend. I've not PGP/MIME signed this one, as I guess that's the reason for the last copy disappearing. ] [Ed. Apologies back at ya, as I'm on the road this week and trying my best to deal with a brain-damaged web emailer. KRvW] On Fri, Nov 12, 2004 at 08:24:59A

Re: [SC-L] Choices

2004-11-16 Thread Nick Murison
On Mon, Nov 15, 2004 at 10:16:46PM -0800, Crispin Cowan wrote: > Jeff Williams wrote: > > >Not to be crass, but what most consumers care about is what the vendors > >tell > >them to. It's all about the market. Currently, the market is stuck where > >vendors don't disclose anything about the securit

[SC-L] .NET Framework Security

2005-01-07 Thread Nick Murison
Dear all, As part of my MSc course in Information Security last year, I wrote my dissertation on .NET Framework Security. As it has now been marked, I felt I should make it publicly available, in case anyone found it interesting or possibly useful. The document tries to give an overview of the s

[SC-L] Community Site Launch - www.threatsandcountermeasures.com

2005-05-19 Thread Nick Murison
.threatsandcountermeasures.com/blogs/marksblog/) for being the main driving force behind this project. Best regards, Nick Murison https://www.threatsandcountermeasures.com

[SC-L] The biggest thing affecting software security? People, apparently.

2005-06-29 Thread Nick Murison
Hi all, www.threatsandcountermeasures.com just closed their poll on what people thought was the biggest thing affecting software security. The results were: People: 80.3% Process:18.2% Technology: 1.5% Results also available from www.threatsandcountermeasures.com/PastPolls.aspx. If th

[SC-L] ThreatsAndCountermeasures.com - content added

2005-07-06 Thread Nick Murison
Hey all, Please excuse the shameless plug. We've added some more content to our Threats and Countermeasures Community KB. New stuff includes: - Securing Network Appliance Admin Interfaces - ARP Poisoning - Running Unnecessary Services on server - Port scanning - Cross Site Scripting - Weak Secu

[SC-L] New T&C poll: Was Lynn right?

2005-08-09 Thread Nick Murison
es.com and submit your vote: Was Lynn right to hold his BlackHat talk? a) Yes, information should be free b) Yes, to safeguard infrastructure c) No, to safeguard infrastructure d) No, he violated IP e) Don't care Best regards, Nick Murison (editor in chief) https://www.threatsandcountermeasures.com