Category: computer security

Functionality > Security

It was reported recently that a security researcher found several exploitable vulnerabilities in a FireEye product. ‘I tried to work with them,’ he said, but was apparently rebuffed/ignored, so here you go: an 0-day. There are at least three sides…

No Accountability, No Peace (of Mind)?

Thanks to the ever vigilant Richard Bejtlich for pointing out Jeremiah Grossman’s slides on the idea of INFOSEC security guarantees. Reading them reminded me of a saying, the exact wording of which I forget now, but it is something along…

Don’t Believe the Hype

I want you to read this tweet:   Two things: 1. The government is constantly whinging on about how we need more sharing. The private sector elements who actually get involved in sharing regimes constantly complain about how “sharing” with…