Network and Computer Security

We often see articles and sews about denial of service and distributed denial of service attacks (”DoS” and “DDoS”), but besides the fact they render a service useless by trying to overloading it, few details are usually given.

As it turns out, the mechanism is a bit more complicated and it’s not exactly an ‘Overloading’ of the service is the sence we usually mean it, but most of the time it’s actually a flood of the networking layer of the target machine(s).

Abhishek Singh wrote a very good acticle that explains this technique very well. It’s a very good read and a very well illustrated article. Definately worth the read!

It’s no news that no antivirus is 100% safe.

It has always been that way and will always be. The answer is simple: there are actually very few antiviruses sharing the biggest market share (the top 5 AVs most likely represent more than 95% of the installed base). So the virus writters can very quickly check their “lastest,not-released-in-the-wild-yet” virus and see which antivirus applications detect it as a malware and modify it accordingly.

ZDNet just published a good paper on the subject: Why popular antivirus apps ‘do not work’?

The July 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

As usualy, plenty of great articles that give a real insight into what matters as far is computer security is concerned. In particular, make sure you read the “Economics and Information Security” article, as it’s the best I’ve read on this subject so far!

Here’s the summary of the newsletter:
Economics and Information Security
Crypto-Gram Reprints
Google and Click Fraud
A Minor Security Lesson from Mumbai Terrorist Bombings
News
Getting a Personal Unlock Code for Your O2 Cell Phone
The League of Women Voters Supports Voter-Verifiable Paper Trails
Brennan Center and Electronic Voting
Comments from Readers

We’re all wondering which antivirus is the best one to protect our servers.

The guys from Nephentes wondered the same thing and took the time to submit a sample of 4987 viruses to 14 antivirus softwares running on *nix platforms (some free some not).

The full study is here, but if you’re impatient here’s the summary:

(Note: the ‘Trend’ percentage is the variation between the current test and the previous one)

The June 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

The Value of Privacy
Movie-Plot Threat Contest Winner
Crypto-Gram Reprints
Diebold Doesn’t Understand the Security Threat
News
Hacking Computers Over USB
The Doghouse: KRYPTO 2.0
Counterpane News
Aligning Interest with Capability
Comments from Readers

The May 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

Summary:

Movie Plot Threat Contest: Status Report
Who Owns Your Computer?
Crypto-Gram Reprints
Identity-Theft Disclosure Laws
When “Off” Doesn’t Mean Off
News
RFID Cards and Man-in-the-Middle Attacks
Software Failure Causes Airport Evacuation
Counterpane News
Microsoft’s BitLocker
The Security Risk of Special Cases
Comments from Readers

As usual it is an excellent reading, but if you don’t have time to read it all, make sure you read at least the Who Owns Your Computer? and Microsoft’s BitLocker articles, they are especially enlightening!

The April 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

Summary:
Movie-Plot Threat Contest
Airport Passenger Screening
80 Cameras for 2,400 People
Crypto-Gram Reprints
VOIP Encryption
Security through Begging
DHS Privacy and Integrity Report
News
KittenAuth
Terrorism Risks of Google Earth
New Kind of Door Lock
Counterpane News
Evading Copyright Through XOR
iJacking
Security Screening for New York Helicopters
Comments from Readers

You can read it here.