Welcome to TechNet Blogs Sign in | Join | Help

April 2005 - Posts

Wednesday, April 27, 2005 5:09 PM

Internet fraud -- who's fault is it?

Awareness is our biggest challenge, but we've been doing a lot to make this happen. At this point the consumers that are walking into these rediculous schemes need to accept that they are, to some extent, the authors of their own misfortune. I like this
Posted by jeffnew | 36 Comments
Wednesday, April 27, 2005 12:18 PM

Regulatory Compliance: Yet another regulation to follow

The Payment Card Industry (credit-card issuers) have created their own set of regulations that e-commerce sites must follow if they're to continue processing credit card payments. The regs are pretty good -- a 12-point checklist of areas that need to
Posted by jeffnew | 0 Comments
Wednesday, April 27, 2005 11:52 AM

What is Spyware (again)

More progress being made on the anti-spyware front: http://www.eweek.com/article2/0,1759,1788844,00.asp . Industry players are banding together to try and define this. I'm not sure that this is a good idea -- while I agree that the term "spyware" has
Posted by jeffnew | 1 Comments
Friday, April 08, 2005 11:23 AM

Child Exploitation Tracking System developed by Microsoft

This is one of those times that I love this company -- building a tracking system to fight kiddie porn, and giving it away to police departments worldwide. Link.
Posted by jeffnew | 0 Comments
Thursday, April 07, 2005 12:50 PM

DNS Poisoning attacks... will this never end?

TechWeb just posted an article on DNS cache poisoning continuing. The Microsoft KB article can be found here . The problem: cache protection (in Windows 2000 SP3 and above) only applies when the DNS server is a master. If it is forwarding all requests,
Posted by jeffnew | 0 Comments
Wednesday, April 06, 2005 5:52 PM

Vulnerability analysis using search tools

Interesting article: Google Yourself to Identify Security Holes by Tony Bradley. His point is that security people should be using Google and the discussed tools as one facet of a vulnerability analysis program.
Posted by jeffnew | 1 Comments
Wednesday, April 06, 2005 3:54 PM

First open O/S, now open BIOS?

Sorry, I just can't get behind this: Battle brews over unlocking PC secrets . The PC industry has suffered for not having trusted mechanisms for identifying computers and locking down digital rights. I read the article and I still don't see Stallman's
Posted by jeffnew | 0 Comments
Wednesday, April 06, 2005 3:38 PM

New day, new blog

I am switching from MSN Spaces to TechNet over the next couple of weeks. Until I get my old stuff migrated over, if you're interested you can see my old posts here .
Posted by jeffnew | 0 Comments
Wednesday, April 06, 2005 1:25 PM

Strong Passwords = Weak Security

An old article, but still a good one, by Jakob Nielson (formerly at Sun, now at his own company). I strongly agree with his points, particularly: "passwords that comply with the above list of "security-enhancing" principles lead to one outcome: Users
Posted by jeffnew | 1 Comments
Monday, April 04, 2005 10:49 AM

How do we fight spyware when no one can agree what it is?

Ahh, the wonderful world of information security in the United States, where the threat of litigation can keep holes open and spyware active. eWeek has had a couple of articles this week on this topic. In The Chaotic World of Defining Spyware they discuss
Posted by jeffnew | 0 Comments
 
Page view tracker