When I entered the US this time, I got a brochure on how I could avoid the line at immigration and just get a fast track by registering with the Global Entry Program, a program, which would pre-screen me and then I just have to register with a machine by entering the US. As I understand, this is a re-start of the Clear program TSA had a few years back. I looked at it and as waiting time in the lines in Seattle (where I enter the US in 95% of the cases) is shorter than the waiting time for the luggage, there is no real benefit for me opposed to the privacy and security questions (yes, I am paranoid).

This morning then, I read an interesting blog post by Bill Nagel, a Forrester analyst, called It’s The Database, Stupid, covering some of the worries linked to those programs. It is a really good – not emotional – read.

Roger

Why pay for a Anti-Malware solution if you can get one of the best solutions in the world for free – go and download it! It is there: http://www.microsoft.com/security_essentials/

And now, the disclaimer: It runs only on genuine Windows!

Have fun, enjoy. I am running it since quite a while with my friends and families and they all love it as they do not see and feel it at all – unless something bad happens. It is great!

I read an article on Cyber Security Challenge Brings Out the Best about a “defend your system” challenge by the USENIX Security Conference in Montreal, Canada. I like the approach: Find and fix common vulnerabilities on a web server.

Roger

I recently had different discussions with different customers and we were looking into the key questions to ask, when you plan to move to the cloud (yes, I am working on a corresponding blog post). I was then asked whether we have an answer to these questions – well no. For sure not for all of them and I stated that I am not only sure whether we know all the questions yet…

I then stumbled across the following article Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. A very interesting approach to attack a virtual machine in the cloud if you use Infrastructure as a Service – they used Amazon EC2 as an example.

This definitely introduces new ways of attacking an infrastructure – and therefore new questions and risk. So, make sure you have the proper risk management processes in place

Roger

I started to read the article and actually just wanted to Tweet about it but then I voted and had to publish at least the current state:

When it comes to security, who do you trust more?

• Microsoft (44%)
• Google (32%)
• Neither (22%)
• Both (3%)

Total Votes: 716

This is just now – might change but it is very good to see.

Take your vote (if you need help where to click, let me know…)

Roger