logo
Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - October 23, 2006

By Mike Rothman
Created 2006-10-23 09:38
Today's Daily Incite

October 23, 2006 - #140

Good Morning:
Kind of an eclectic Monday here in Incite-land. The weekend was good. I was reminded of my kids penchant to touch everything when we went to an art-festival in town on Saturday. I consider myself lucky to not have a house full of broken and battered arts and crafts after that little excursion. We also got to see the authors of the new book Jewtopia [1] wax poetically about their creation on Saturday. Jews will find the book hilarious, non-Jews (who know Jews) will find it entertaining as well. And it was priceless to see my wife trying to set up one of the authors with a friend of hers in NYC. Yeah, that'll work out.

In security-land, I found a couple of articles relative to vulnerability research, first Microsoft blocking some kernel level stuff in the latest Vista RC (here [1]) - which shows they are listening. Then an interview with Metasploit's HD Moore (here [1]). It seems we've found our next security rock-star. Good for him, I personally think HD's work is advancing how seriously vendors take security issues. He's not alone in the fight, but he's been the most visible of late. I also love innovation, even if it's the bad guys. This new malware that ships with an AV engine (here [1]) to eliminate any "competition" on the owned machine had me rolling on the floor. Let the bad guys kill each other off. Sounds like a good plan to me.

In blog-land, Matasano is back (after I fixed my reader, that is) and Thomas makes some good points about endpoint security and application control (here [1]). But I haven't changed my tune. Those without the political mojo to lockdown desktops will have a hard time maintaining the security of their environment. I also point to an interesting post about defining risk management (here [1]) and come to the conclusion that management is for managers and the soldiers should be following orders. But I've always been the bourgeois-type anyway.

Have a great day.

Technorati: Information Security [2]

Top Security News

http://www.informationweek.com/story/showArticle.jhtml?articleID=193401107 [3]
Link to this [3]

http://www.informationweek.com/story/showArticle.jhtml?articleID=193400966 [4]
Link to this [4]

http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1220615,00.html
 [5]Link to this [5]

http://news.yahoo.com/s/zd/20061020/tc_zd/191975 [6]
Link to this [6]

http://www.networkworld.com/news/2006/102306-security-companies-to-watch.html [7]
Link to this [7]

Top Blog Postings

http://blogs.zdnet.com/Ou/?p=350
 [8]Link to this [8]

http://www.matasano.com/log/555/dark-reading-on-endpoint-policy-tools/
 [9]Link to this [9]

http://riskmanagementinsight.com/riskanalysis/?p=34
 [10]Link to this [10]

http://sunbeltblog.blogspot.com/2006/10/walmart-gets-slammed-for-sneaky.html
 [11]Link to this [11]

http://securityincite.com/blog/mike-rothman/understanding-a-durable-advantage [11]

Read Friday's Daily Incite
http://securityincite.com/TDI-2006-10-20 [11]

Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-october-23-2006

Links:
[1] http://www.jewtopiabook.com/index2.html
[2] http://technorati.com/tag/information%20security
[3] http://www.informationweek.com/story/showArticle.jhtml?articleID=193401107
[4] http://www.informationweek.com/story/showArticle.jhtml?articleID=193400966
[5] http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1220615,00.html
[6] http://news.yahoo.com/s/zd/20061020/tc_zd/191975
[7] http://www.networkworld.com/news/2006/102306-security-companies-to-watch.html
[8] http://blogs.zdnet.com/Ou/?p=350
[9] http://www.matasano.com/log/555/dark-reading-on-endpoint-policy-tools/
[10] http://riskmanagementinsight.com/riskanalysis/?p=34
[11] http://sunbeltblog.blogspot.com/2006/10/walmart-gets-slammed-for-sneaky.html