Schiebel-isms

How do you measure security?

2007-11-20T16:38:00.000Z

A perennial type of question that comes up is how to know if you are secure or measure your security. I have spent some time answering the question here, here, here, here, here, and here. As you...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

How do you feel Mr. IDS ?

2007-11-19T13:35:00.000Z

I recently answered this question where the person wanted to get people's opinion on Gartner’s take on Intrusion Detection Systems (IDS).Gartner says that intrusion detection systems are a costly and...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Close Source or Open Source?

2007-11-17T13:29:00.001Z

This is my answer to this question. Open source is definitely a factor to consider as part of a comprehensive needs assessment. What are you/your client attempting to achieve? What does their...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Defining INFOSEC

2007-11-16T03:35:00.000Z

The below excerpt if from this LinkedIn question. I was attempting to point out that we already had the tools and methods we needed to do our jobs if we only took the time to realize what our jobs...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

How should best practices be developed, who should be involved, and how are they shared in a manner that will make them most credible?

2007-11-15T22:49:00.000Z

My answer to the question was long and rambling. Your question assumes that these decisions are best made using a top down organization where certain select few experts decide what should and...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Blog restart

2007-11-15T22:36:00.000Z

Well, after a long absence I plan on restarting this blog. For those of you not using LinkedIn, I have been spending my energy answering people's security questions in their forums. I plan on...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

You can't fix stupid

2006-07-18T11:37:00.000Z

What a great line. I was watching Comedy Central the other night and heard Ron White utter those perfect words "You can't fix stupid." In one line he summed up why I can spend the rest of my life...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

The Monoculture Myth

2006-05-30T16:22:00.000Z

People build models to understand the world.We sort our world into neat categories to aid in our understanding and decision making. Us vs. Them, Dark vs. Light, Good vs. Bad; used to help us make...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Secure at any price?

2006-05-10T17:28:00.000Z

I was doing my daily scan of Slashdot this morning when I came across the following article - The Failure of Information Security written by Noam Eppel. Embedded within all that doom and gloom is the...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Forensic analysis of Microsoft Hotmail

2005-12-14T19:40:00.000Z

I was talking with a friend the other day about how malware uses email to hack into computers. What’s malware? Read my previous article: Adware and Spyware – are they really consensual? Anyway, my...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Forensic analysis of Microsoft Word documents

2005-12-12T16:01:00.000Z

Microsoft Word documents are stored in a proprietary binary file format that records additional information, known as metadata, beyond just the text of the document in it. Some of the information...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Security through obscurity

2005-11-28T15:30:00.000Z

Protecting your identity online using anonymityIt seems like every week the newspapers are filled with horror stories of people’s identities being stolen, of millions of credit card numbers being...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Microsoft Encrypted File System - Digital Forensic Analysis

2005-11-14T18:18:00.000Z

OverviewMicrosoft has provided its customers with the ability to protect their sensitive files using its Encrypting File System (EFS). EFS allows for the transparent encryption and decryption of...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Trust no one.

2005-06-22T13:19:00.000Z

Let's play the finger pointing gameUnless you have been living under a rock for the last few years you’ve probably heard about “Identity Theft” and all the major security breaches of sensitive...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

What is a good password?

2005-06-06T20:50:00.000Z

Welcome to the 21st century where the average person has to remember more passwords than family member birthdays. Stop right now and think about just how many passwords you use on a daily basis: ATM...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Adware and Spyware - are they really consensual?

2005-05-27T15:29:00.000Z

What is this Adware and Spyware stuff anyway?Adware and Spyware are a class of Malware that some will argue is legal due to the user accepting an end user licensing agreement (EULA.) The basic...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

The word on Information Security

2005-05-24T14:46:00.000Z

Word gamesListed below are two sentences. Read each sentence in turn, close your eyes, and imagine the scene described:An elderly gentleman waiting patiently.An old geezer slouching in the corner.How...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]