24. July 2011

Freakonomics » Why Has There Been So Much Hacking Lately? Or Is It Just Reported More? A Freakonomics Quorum.

The short answer: yes and yes.

Stephen Dubner gathers opinions from Bruce Schneier, Tal Be’ery (Imperva), Henry Harrison (BAE Systems Detica), Julie Conroy McNelley (Aite Group), and David Jevans (IronKey).

McNelley seems to think that PCI has been a success and has reduced the number of breaches. The number of credit card breaches has dropped, but that appears to be because so much credit card data has already been stolen that its price has been driven very low, and cyber criminals are now focusing on other types of digital information to steal.

Just ask Josh Corman.

24. July 2011

End-To-End Encryption – The Rest Of The Story « PCI Guru.

E2EE (End-To-End Encryption) is not a bad thing, but it does have its own set of risks.  And it is those risks that do not get discussed that concern me.  The reason for my concern is that if you discuss E2EE with any merchant, most see it as this panacea, something that will get them out of the PCI compliance game altogether.  However, nothing could be further from the truth.  If anything, E2EE may make PCI compliance even more daunting than it is today.

However, the endpoint device that accepts the credit card is in scope! And it’s difficult to prove that the endpoint has not been tampered with.

The PCI Guru has a set of recommendations for securing the endpoint.

23. July 2011

Lightweight Portable Security LPS-A Linux distro from the US Department of Defense | Unixmen.

Lightweight Portable Security (LPS), created by USA’s Department of Defence, is a small Linux live CD focusing on privacy and security; for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and some interesting tools. LPS-Public turns an untrusted system into a trusted network client.

The environment that it offers should be largely resistant to Internet-borne security threats such as viruses and spyware, particularly when launched from read-only media such as a CDROM. The LPS system does not mount the hard drive of the host machine, so no trace of work activity can be written to the local computer.

If you’ve been doing online banking on the same computer which you use for general browsing and social networking, you need to switch your banking activities to this.