Learn More About This
Directory
This directory sponsored by SIQL, a Spider Makers company...
1. Membership in International Computer Security Arrangement Increases to Thirteen Nations
- www.nsa.gov
- Membership in International Computer Security Arrangement Increases to Thirteen Nations.
- International support is growing for a common information technology (IT) security product evaluation methodology, as six additional countries join the Common Criteria Mutual Recognition Arrangement. In a ceremony on May 23, 2000, Finland, Greece, Italy, Norway, Spain, and Netherlands signed the Arrangement, bringing to 13 the number of nations that have agreed to recognize each other's security product evaluations. ...
- Increased membership in the Arrangement should provide a greater international market for evaluated IT security products. ... The standard specifies a common language for consumers to convey IT security requirements to product developers and a common evaluation criteria to assess what the developers have produced. Participants in the Arrangement agree to accept the results of IT product security evaluations conducted by private sector, accredited testing laboratories within their respective countries with government certification or validation of test results. ...
- In the United States, private laboratories accredited by the National Information Assurance Partnership (NIAP) will conduct the Common Criteria-based product evaluations. The NIAP is a partnership between the National Security Agency (NSA) and the National Institute of Standards and Technology (NIST) to enhance the quality of information security products and increase confidence in those products that have been evaluated objectively. ...
- America's Codemakers and Codebreakers ## >>Information Assurance >>Signals Intelligence Accessibility Privacy & Security .
2. Rainbow Series and Related Documents
- www.fas.org
- The Rainbow Series is six-foot tall stack of books on evaluating "Trusted Computer Systems" according to the National Security Agency. ...
- The NSA National Computer Security Center Trusted Products Evaluation Program also has some resources along these lines, including: .
- NCSC-TG-001 Tan Book A Guide to Understanding Audit in Trusted Systems Version 2 6/01/88 NCSC-TG-002 Bright Blue Book Trusted Product Evaluation - A Guide for Vendors Version 1 3/1/88 NCSC-TG-003 Orange Book A Guide to Understanding Discretionary Access Control in Trusted Systems Version 1, 9/30/87 NCSC-TG-004 Aqua Book Glossary of Computer Security Terms Version 1, 10/21/88 NCSC-TG-005 Red Book Trusted Network Interpretation Version 1 7/31/87 NCSC-TG-006 Orange Book A Guide to Understanding Configuration management in Trusted Systems Version 1, 3/28/88 NCSC-TG-007 Burgundy Book A Guide to Understanding Design Documentation in Trusted Systems NCSC-TG-008 Lavender Book A Guide to Understanding Trusted Distribution in Trusted Systems Version 1 12/15/88 NCSC-TG-009 Venice Blue Book Computer Security Subsystem Interpretation of the Trusted Computer System Evaluation Criteria NCSC-TG-010 NOT USED NCSC-TG-011 Red Book Trusted Network Interpretation Environments Guideline - Guidance for Applying the Trusted Network Interpretation NCSC-TG-013 Pink Book Rating Maintenance Phase Program Document Version 2 - 01 Mar 1995 NCSC-TG-014 Purple Book Guidelines for Formal Verification Systems 4/1/89 NCSC-TG-015 Brown Book A Guide to Understanding Trusted Facility Management 6/89 NCSC-TG-016 Yellow-Green Book Writing Trusted Facility Manuals NCSC-TG-017 Light Blue Book A Guide to Understanding Identification and Authentication in Trusted Systems NCSC-TG-018 Light Blue Book A Guide to Understanding Object Reuse in Trusted Systems NCSC-TG-019 Blue Book Trusted Product Evaluation Questionnaire Version-2 - 2 May 1992 NCSC-TG-020A Grey/Silver Book Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX System NCSC-TG-021 Lavender/Purple Book Trusted Database Management System Interpretation NCSC-TG-022 Yellow Book A Guide to Understanding Trusted Recovery NCSC-TG-023 NOT USED NCSC-TG-024 NOT USED NCSC-TG-025 Forrest Green Book A Guide to Understanding Data Remanence in Automated Information Systems (Ver. 2 09/91) NCSC-TG-026 Hot Peach Book A Guide to Writing the Security Features User's Guide for Trusted Systems NCSC-TG-027 Turquoise Book A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems NCSC-TG-028 Violet Book Assessing Controlled Access Protection NCSC-TG-029 Blue Book Introduction to Certification and Accreditation ( 09/94 ) NCSC-TG-030 Light Pink Book A Guide to Understanding Covert Channel Analysis of Trusted Systems (11/93 ) .
- United States Signals/Special Intelligence Directive USSID 702, "Automatic Data Processing Systems Security. ...
- NCSC-WA-002-85 Personal Computer Security Considerations .
- National Security Agency/CSS Degausser Products List 25 September 2001 .
- NCSC OAS A Guideline on Office Automation Security 12/5/86 .
- NCSC C-Technical Report-001 Computer Viruses: Prevention, Detection, and Treatment .
- NCSC C-Technical Report 32-92 The Design and Evaluation of INFOSEC Systems: The Computer Security Contribution to the Composition Discussion .
- NSA Information Systems Security Products and Services Catalogue .
- CSC-STD-001-83 Orange Book DOD Trusted Computer System Evaluation Criteria DOD 5200. 28 CSC-STD-002-85 Green Book DoD Password Management Guidelines CSC-STD-003-85 Light Yellow Book Guidance for Applying the DoD Trusted Computer System Evaluation Criteria in Specific Environments CSC-STD-004-85 Yellow Book II Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements CSC-STD-005-85 DoD Magnetic Remanence Security Guideline .
3. Computer Associates GuardIT firewall solution receives Secure Computing Magazine award
- www.itweb.co.za
- Computer Associates GuardIT firewall solution receives Secure Computing Magazine award.
- Issued by: Computer Associates Africa.
- Johannesburg, 15 May 2000 - Computer Associates International Inc. (CA), the world's leading eBusiness solution company, today announced that GuardIT, CA's leading firewall solution for controlling network access to protect systems, has received secure Computing Magazine's (SC Magazine) Millennium Award for " Best Communication Security Product. ...
- The Secure Computing Awards annually honours security products and services that are the best in their class. The award, given by an academy of corporate IT professionals assembled by SC Magazine, selected GuardIT over other security products from Check Point, Internet Dynamics and BindView as the best product for securing wide-area data communications. ... " Paramount in the judging criteria was the product's manageability and scalability.
- "Awarding GuardIT the Millennium Award for Best Communication Security is particularly significant because the decision was made by an Academy of IT professionals for whom communicating securely is a ' must have' whether in an intranet, extranet or Internet environment," said Paul Robinson, editor-in-chief, SC Magazine. ...
- It provides the high-level security found in a proxy solution with the performance characteristics of a packet filter by controlling access to servers from an organization's own network and the Internet at all points of entry. The software is integrated with the Unicenter TNG Framework, making it easy to deploy and manage multiple installations of the product and allowing a single administrator to efficiently and effectively protect an entire network from a central location.
- "GuardIT solves one of the major eBusiness security management issues - maximizing security across a wide deployment, while minimizing effort," said Simon Perry, CA vice president, security solutions. ... Receiving the Secure Computing Magazine award further validates CA's industry-leading position in security software. ...
- Computer Associates .
- Computer Associates International, Inc, the world's leading business software company, delivers the end-to-end infrastructure to enable eBusiness through innovative technology, services and education. ...
- West Coast Publishing is a publisher of magazines and directories in the field of computer security. Their flagship publication is SECURE Computing, which is the leading global computer security magazine. ...
4. Memo on Computer Security Recommendations
- www.acm.org
- We understand that Congress is currently considering many legislative initiatives to address issues of security and law enforcement related to terrorism. ...
- Many of the current security problems faced by both government and industry stem from the acquisition and use of software that is poorly designed, rushed to market, and/or inadequately tested. ... Security personnel often point-out that they are forced to use COTS (commercial off-the-shelf) software with a poor history of security because of issues of cost and lowest bid. ...
- require Federal specification and evaluation of data processing software and equipment to include explicit requirements for standard security features and proof of comprehensive testing for faulty code; .
- require that vendors disclose a full 3 to 5-year history of security flaws, patches and exploitations of the products (and similar products by the same vendors) proposed in response to Federal solicitations, and require that the evaluation of such proposals give significant consideration to these histories; .
- allow Federal acquisition of computing services and equipment to be done from other than the lowest bidders if product security and safety are judged to be significantly stronger than that of the low bidders; .
- disallow vendors from disclaiming liability for products coded with software practices that are well-known within the security and software engineering communities to be careless and dangerous; .
- enable "software self defense" -- explicitly allow consumers to reverse-engineer software or hardware products if that reverse engineering is done to expose or repair software faults or design errors that reduce the safety or security of the products; .
- enable "software community defense" -- invalidate any license or legal prohibition that restricts publication of benchmark studies, product reviews or other descriptions of the products or algorithms when that publication is made to expose or facilitate repair of flaws that reduce the safety or security of the products. ...
- That makes it imperative for those who use it - corporate and consumer alike - to take the initiative to see that the software they own and use meets their own real security and reliability needs. ...
- The ACM is a leading society of computer professionals in education, industry, and government. ... Eugene Spafford, facilitates communication between computer professionals and policy-makers on issues of concern to the computing community. ...
5. Keytrack
- www.keytrack.co.za
- Computer Products and Services - for Southern Africa .
- Keytrack Computer Solutions has increased it's product range to include any product of service that a client may wish. ...
- Keytrack Computer Security was established in early 2002 to address the desktop and computing environmental security issues in Southern Africa. With this idea in mind we developed our own keystroke logging hardware - a product after which we named our company. ... Our goal is to educate commerce industry in the security risks of having desktop computers. We have added to our product a range of items that cover securing of the data on servers and desktops and provide a level of protection that goes beyond the firewall and anti-virus software solutions. ... Though unique Keytrack Computer Security also assists business with consulting services and advice. Keytrack security product range has been puchased by ESS - Encrypt Security Solutions a 100% BEE company specializing in the Information security field www. ...
- Our Mission statement is to provide a level of desktop security, computer products and consumables, advice to business and the Home user that will drastically lower capital and operational costs .
- METHODOLOGY (Security) now ESS - Encrypt Security Solutions .
- At Keytrack we believe in a systematical approach of employing desktop security, although this applies to servers as well. We take it as the first step to backup desktop data to a server and to encrypt strongly that data; this ensures data availability and security. ... Then Keytrack has various surveillance products in its product portfolio that can monitor all users activities on a desktop and report when required. Finally our product range ends with stolen PC recovery software tools grabbing our industry by storm. ...
- FORUMS (Security) Now ESS - Encrypt Security Solutions .
- Due to the nature of our business Keytrack management keeps its employees and consultants updated with the latest technologies and methodologies designed to hack and commit computer fraud. We are affiliated members of the SANS Institute and the CSI - two of the most renowned computer security forums in the world. ...
6. IBM Zurich Research Laboratory, Computer Science, Information Security, Portal page, Infosec
- www.zurich.ibm.com
- Computer Science.
- Information security.
- Network security and cryptography.
- Information security and cryptography.
- Information security, privacy and cryptography are cornerstones of the information society. Integrity of financial transactions, accountability for electronic signatures, confidentiality within a virtual enterprise, privacy of personal information, availability of the critical infrastructure: all depend on the availability of strong security mechanisms. ...
- Our security and privacy research ranges from fundamental research to the implementation of standards-based cryptographic algorithms. ... Both approaches are needed: prevention is always better than detection, but no system will ever provide 100% security on all levels. Zurich researchers were part of the team that developed SET—still the most secure credit-card payment protocol available on the Internet—and designed the technology behind Tivoli's main intrusion detection product, IBM Tivoli Risk Manager, the most recent version of which has been enriched in a collaborative effort with two new sensors developed in the GSAL team located at the IBM T. ...
- We maintain close links to the international security and cryptography research communities, and participate regularly in programme committees of international conferences. ... The IBM Zurich Research Lab is a founding member of the Zurich Information Security Center (ZISC), a cooperation dedicated to fundamental and applied research in information security, led by the Swiss Federal Institute of Technology, Zurich. ...
- See also detailed information about network security and cryptography. ...
7. computer security software: complete Inbox protection by Firetrust
- www.firetrust.com
8. NH&A About
- www.nha.com
- NH&A is a leading provider of anti-virus, firewalls and security solutions. Representing and working closely with a range of (sometimes competing) software developers and firewall vendors, we provide independent, informed recommendations for software and hardware security solutions based on your requirements, operating environment and budget. ...
- NH&A has focused on anti-virus programs and security solutions for the past 14 years. ...
- NH&A provides Internet security solutions including FireWalls (especially the newest hardware appliances), VPNs, intrusion prevention, secure proxy gateways, encryption including SSH, SPAM and web content filtering, and reporting tools for management of your network. We are multi-vendor security product providers and make specific recommendations based on your requirements. ...
9. computer security
- www.pcwash.com
10. Firewalls are still vulnerable | GCN April 12, 1999
- www.gcn.com
- Experts say reliable security occurs as part of a process, not from a package.
- Tippett says agencies need to follow a checklist of security practices to fully protect their Web sites.
- Computer security products are worthless unless installed properly, a security expert told a FOSE trade show audience in Washington last month.
- Agencies should devise a checklist of effective security practices, recompute their technology risks every two weeks and constantly verify that their systems are reasonably secure, advised Peter S. Tippett, president of the International Computer Security Association Inc. ...
- All the sites had firewalls, and their webmasters could have prevented attacks by implementing an integrated, multilayer, ICSA-sponsored security program called TruSecure, he said. ...
- He said “computer geeks think computers are perfect and that we therefore get perfect computer security,” which he called “a social science. ...
- A Defense Department security expert spoke about security threats from insiders. In one survey, 70 percent of security problems were caused by insiders, said Col. ...
- Simmons discussed how the Joint Staff evaluates commercial security products. “If we can, we try to avoid” products from foreign-owned information security companies, he said.
- Large software vendors can win the Joint Staff’s trust by submitting their products for third-party certifications and by having a large pool of users test the products and report any security problems with them, Simmons said.
- The Joint Staff works with security software contractors as well as with niche vendors, such as a small company whose product rates classification levels of Microsoft Exchange e-mail messages on classified networks, he said.
- Judith Spencer, director of government-wide security at the General Service Administration’s Office of Information Security, said firewalls are one component of an effective security system but not foolproof.
- She urged agencies to set realistic security expectations to limit their losses in case of break-ins. ...
- GOVERNMENT COMPUTER NEWS.
11. The Trusted System Evaluation Criteria
- all.net
- Strategic Security Intelligence .
- Appendix A - Commercial Product Evaluation Process .
- "Department of Defense Trusted Computer System Evaluation Criteria" forms the basis upon which the Computer Security Center will carry out the commercial computer security evaluation process. ... The evaluation provides a key input to a computer system security approval/accreditation. However, it does not constitute a complete computer system security evaluation. ... , as in reference Executive-Order-12356 ) must consider additional factors dealing with the system in its unique environment, such as it's proposed security mode of operation, specific users, applications, data sensitivity, physical and personnel security, administrative and procedural security, TEMPEST, and communications security. ...
- The product evaluation process carried out by the Computer Security Center has three distinct elements: .
- Preliminary Product Evaluation - An informal dialogue between a vendor and the Center in which technical information is exchanged to create a common understanding of the vendor's product, the criteria, and the rating that may be expected to result from a formal product evaluation. ...
- Formal Product Evaluation - A formal evaluation, by the Center, of a product that is available to the DoD, and that results in that product and its assigned rating being placed on the Evaluated Products List. ...
- Evaluated Products List - A list of products that have been subjected to formal product evaluation and their assigned ratings. ...
- Preliminary Product Evaluation .
- Since it is generally very difficult to add effective security measures late in a product's life cycle, the Center is interested in working with system vendors in the early stages of product design. A preliminary product evaluation allows the Center to consult with computer vendors on computer security issues found in products that have not yet been formally announced. ...
- A preliminary evaluation is typically initiated by computer system vendors who are planning new computer products that feature security or major security-related upgrades to existing products. ... Technical exchange meetings follow in which the vendor provides details about the proposed product (particularly its internal designs and goals) and the Center provides expert feedback to the vendor on potential computer security strengths and weaknesses of the vendor's design choices, as well as relevant interpretation of the criteria. The preliminary evaluation is typically terminated when the product is completed and ready for field release by the vendor. ...
12. Wiley Higher Education::Computer Security
- www2.jklasser.com
- Home > Engineering and Computer Science > Computer Science > Computer Security .
- Computer Security.
- Computer Security.
- This timely text provides a technical and practical overview of computer security offering security newcomers a grounding in the basic principles involved in preventing security breaches and protecting electronic data. It outlines security strategies to counter problems that will be faced in UNIX and Windows NT operating systems, distributed systems, the Web, in databases and object oriented systems. It covers security as it applies to networking and concurrency. It is aimed at the computer literate, who may not be security gurus but who have legitimate questions and needs.
- Suitable for introductory and more advanced security courses for students of computer science, engineering and related disciplines, as well as in-service and training courses. ...
- E-mail a friend about this product.
13. Product Information on Security
- vnu.bitpipe.com
- Security.
- MORE SPECIFIC TOPICS: AAA | Application Security | Auditing (Computer Security) | Certificate Authorities | Cybersecurity | Data Security | Database Security | Email Security | Homeland Security | Internet Security | Network Security | Virus Protection | Web Application Security.
- Information Security Training Services by IQ NETWORKS .
- Description: IQ Networks offers a top down approach to security training that encompasses everyone, from end users to security administrators, offering to each audience the level of knowledge required for their specific role.
- Information Security Training Services (Product Overview) .
- Description: F-Secure Policy Manager, allows your system administrator to manage all the critical security applications from antivirus protection to file and network encryption from one single console.
- Description: WinBatch+Compiler is the most cost-effective way to standardize operations, automate windows applications and improve security and ease-of-use.
- Security .
- UK Magazines: Computing | Computer Reseller News| Infomatics | Network IT Week | Computeractive | PCW | WhatPC? .
14. security products
- www.stargeek.com
- stargeek home PHP scripts articles seo tools links search contact shop security products. ...
- PC Guardian introduces new desktop security products.
- pc guardian today announced two new computer security products -- the double guardian and the adhesive mount mini-plate. ...
- New Outlook for Enterprise Security.
- the beginning of the year always brings a flurry of new product announcements from marketers eager to jump-start sales. the computer security industry is no different from other sectors in this respect. vendors have arrayed a virtual smorgasbord of new security products for the enterprise. ...
- * community-based web sites - forums, weblogs, personals * development tools - languages, debuggers, version control * file sharing systems - swarming distribution, distributed search * security products - mail encryption, intrusion detection, firewalls link (via the farm) .
- PC Guardian introduces new desktop security products.
- PC Guardian introduces new desktop security products.
- PC Guardian today announced two new computer security products -- the Double Guardian and the Adhesive Mount Mini-Plate.
- Security Bugs in Oracle, Lotus Products.
- Security Bugs in Oracle, Lotus Products.
- NGSSoftware has released a slew of security alerts for vulnerabilities in enterprise products from Oracle and IBM's Lotus.
- Just after the Wi-Fi Alliance touted how many companies have received certification for the WPA security specification, some vendors are suggesting they may not seek certification for some products: Going forward, the Wi-Fi Alliance requires WPA for any product to be certified. Netgear said that while it plans to certify ts products that target business users, the company is not sure if it will submit its consumer devices for certification because consumers are happy with the more basic security mechanisms. ... With all the buzz around the lack of security in Wi-Fi, I would think that most vendors will want to offer as much security as possible to reassure nervous potential users.
15. Argus Systems Group - Secure Application e-Commerce Environments
- www.argus-systems.com
- Security Paper .
- Computer Security Technology Planning Study .
- of the Innovative Security .
- for future Security Papers .
- PitBull provides powerful, award-winning security for today's most critical e-business environments. Its unique, patent-pending Secure Application Environment technology protects against software security flaws by isolating applications into separate security compartments. ...
- Announcing PitBull Protector, a new security technology from Argus designed to prevent the exploit of Microsoft IIS vulnerabilities to gain administrative control and system wide access of Windows 2000 servers. ...
- Check out the PitBull LX Interactive Demo and see the inner workings of our market-leading, security software. ...
- Available for AIX, Linux and Solaris architectures, PitBull is used by the world's most serious security practitioners—from international commercial centers, including Credit Suisse and Chase Manhattan, to government agencies, such as US Army CECOM, and global organizations, such as Baha'i International Community.
16. Computer Security Index
- www.faqs.org
17. security product
- www.barexamstore.com
- security product.
- Microsoft TechNet Security - Product Security Notification .
- Microsoft techNet Security - Product Security Notification. ...
- Microsoft patches, including security patches. Select OS version as both "Product Name" and "Operating. ...
- Commercial Product Evaluations .
- The Computer Security Evaluation Frequently Asked Questions (V2. ...
- Astaro Internet Security - Linux VPN, Network Security, Anti-. ...
- Enterprise Wireless LAN Security & WLAN Monitoring - AirDefense .
- GFI Network security .
- Offers network security software including intrusion detection, security scanner, anti virus for Exchange. ...
- Zone Labs: Zone Labs, Internet security products, online safety,. ...
- SCO | Support | Security Advisories .
18. SOHO Data Defence. Links to IT Security product reviews.
- www.sohodatadefence.com
- We help to protect your own Internet security is just like home security. ... We can help you with training, installations and configuration of security products.
- Home Your Risks Security News --> Company Info Forum Security Links Contact Us .
- IT Security News --> Your risks.
- • Computer hijacking .
- • Protection against Computer hijacking .
- IT Security Forum Security Links.
- • Security Product Reviews.
- Updated on 20 December 2003 Various security Products Reviews .
- Finding the right firewall in "Security Focus" magazine from 08 December 2003.
- This brilliant site has a lot of information on all sorts of security software. ...
- Shield IP! contains very good explanation what Personal Firewall should be able to do and how it protects your computer.
- Don't forget that whatever antivirus product was capable of protecting you from just yesterday, it is obsolete without this morning update.
- It reviews antivirus products regularly and let you check which product on this overcrowded market really does the job today and how it fared for the last few years. You would be amazed if you compare real results (how product does what it is bough for) of so called market leader and so called underdogs (I would recommend to compare my favorite Norman Virus Control with whatever you consider to be the market leaders). ...
- Added: MS Security Readiness Kit link added , Protection against Computer Hijacking, New destructive virus is here: W32. ... Infected computer can be later used by hackers in criminal activities. ... It allows attacer to hang target computer. ... A@mm 19 September 2003 Another Security issue found in MS Windows(Windows 2000, XP, Windows 2003). It allows hacker to remotely compromise unpatched computer (just like one that Blaster used). ... 10 September 2003 Microsoft issued several new security patches. ... MS Security bulletins are here.
19. Wonder Software Technologies launches desktop security product - Express Computer India
- www.expresscomputeronline.com
- Wonder Software Technologies launches desktop security product.
- With an eye on the desktop security market, Delhi-based Wonder Software Technologies, which is into IT security products recently launched a new desktop security software called ‘Wonder Secure’. The company is also planning to launch a log on security software called ‘Wonder Lock 2000’ in September 2001, and add 90 dealers to its existing channel network in a month’s time. ...
- Says Rameshwar Saran, Director, Wonder Software Technologies, “The desktop security software, ‘Wonder Secure’, is a simple-to-use standalone, desktop security software that lets users encrypt their data and thus secure various files and folders in the computer with a single click. ... The product functions using a Personal Identification Number (PIN) and ‘pass phrase’, chosen by the user. ...
- This would not allow anyone access the computer as the private key is necessary for encryption and decryption. ...
- Also in the pipeline is a log on security software called Wonder Lock 2000 that is specifically for Windows 2000. ... Once installed on the computer, this software asks for the i Key at the time of log on, which consists of the public key certificate. Once the software recognises the public key certificate on the i Key, it allows the user access to the computer. While going away, the user takes along the i Key, thus preventing others from accessing the computer. ... This product would provide for encryption and decryption to secure data in computers. ...
- Wonder Software Technologies was formed in September 2000 and is into IT security products. The company’s first product was a PKI-based IT security software, Wondercrypt. ... The company had earlier announced a tie-up with a South Korean company, BTN Korea, to market and jointly develop IT security software.
20. Article: Security through obscurity
- www.wikipedia.org
- Security through obscurity.
- Security through obscurity or security by obscurity is a controversial principle in security engineering, which attempts to use secrecy to ensure security. A system relying on security through obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that the flaws are not known, and that attackers are unlikely to find them. ...
- For example, if somebody stores a spare key under the doormat in case they are locked out of the house, then they are relying on security through obscurity. The theoretical security vulnerability is that anybody could break into the house by unlocking the door using the spare key. ...
- In cryptography, the reverse of security by obscurity is Kerckhoffs' principle from the late 1880s, which states that system designers should assume that the entire design of a security system is known to all attackers, with the exception of cryptographic key secrets. It is, from the original French, "The security of a cypher resides entirely in the key". ... Historically, security through obscurity has been a very feeble reed on which to rely in matters cryptographic. ...
- The full disclosure movement goes further, suggesting that security flaws should be disclosed as soon as possible, delaying the information no longer than is necessary to fix or workaround the immediate threat. ...
- It is sometimes argued that security by obscurity is better than no security. ...
- Many people believe that 'security through obscurity' is flawed because: .
- secrets are hard to keep - in particular, placing information in binary computer code does NOT guarantee its secrecy, and at most requires more effort on the part of the adversary .
- security flaws can be found without access to the secret design .
- It also has a negative impact on research into effective security; it is however very tempting to the ignorant or self-deluded and to politicians who would like their support. ...
- specifically, many forms of cryptography are so widely known that preventing their gain by a national government would likely be impossible; the RSA algorithm has actually been memorized in detail by most graduating computer science students. ...
- security flaws can be publicised, thus removing the obscurity very rapidly .
21. Computer Security Specialist
- www.avtechresearch.com
- Minimum/General Experience: Must have a minimum of seven years’ experience, of which at least five years must be specialized experience in defining computer security requirements for high level applications, evaluation of approved security product capabilities, and developing solutions to MLS problems. ...
- - Analyzes and defines security requirements for Multilevel Security (MLS) issues. ...
- - Gathers and organizes technical information about an organization’s mission goals and needs, existing security products, and ongoing programs in the MLS arena.
- - Coordinates with appropriate agencies to obtain facility security accreditation. ...
- Military service may be desirable depending upon security function. ...
- Computer Security Specialist.
22. Alphabetical List of Personal Computer Security Products
- www.timberlinetechnologies.com
- SECURITY PRODUCT LINKS.
- SECURITY RESOURCES.
- SECURITY WORKSHOPS.
- SECURITY ADVISORY LINKS.
- SECURITY NEWS LINKS.
- Alphabetical List of Personal Computer Security Products .
- These links are provided as a free service to those seeking commercial information security products or shareware tools. The fact that a product is listed here is not an indication that Timberline Technologies LLC has evaluated it nor that we recommend it. The descriptive text is generally taken from the vendor's own product literature. The buyer has the ultimate responsibility to ensure that the information security product is suitable for its intended use. Please follow the links to the vendor pages to obtain more detailed information on a particular product. Additional guidance on product selection can be found in the On-Site Security Workshops.
- Vendors Please Note: If your product does not appear in this index or if you feel that it has been incorrectly categorized please contact webmaster@timberlinetechnologies. ...
- Product Name.
- Provides you with a way to add security to your PCs by limiting certain functionality in Internet Explorer and Netscape Navigator. ...
- Gives administrators the ability to remotely alter security parameters affecting the secure file system and secure registry, execute any program on any machine, as well as reboot, logoff, or shutdown any machine on a network running Fortres 101 on the client machines. This program is designed for use on one computer, preferably the administrator's computer(Server). ...
23. alt.computer.security: Senior Product Manager - Marketing - Security Software - Montreal
- www.derkeiler.com
- MS Security Response is a bunch of half-witted morons .
- computer. security > 2003-08 News Mailing-Lists Search Service UNIX / Linux / Coding / Directory Privacy Senior Product Manager - Marketing - Security Software - Montreal.
- Senior Product Manager - Marketing - Security Software - Montreal .
- A new position has been created for a Senior Product .
- the computer security needs of consumers. ...
- Driving the product definition process and product roadmap .
- Working with the engineering team to define the next generation of security .
- timely product delivery and release .
- 5-7 years of top notch product marketing/management experience with security .
- Ability to develop rfps, white papers, present forecasts and product and .
- computer. security > 2003-08 News Mailing-Lists Search Service UNIX / Linux / Coding / Directory Privacy Contact: security@der-keiler. ...
24. Microsoft Bows First Security Product
- www.internetnews.com
- Microsoft Bows First Security Product.
- followed up with a company first Wednesday -- a foray into security. ...
- After more than three years in the shop, the giant debuted its firewall and Web cache product, Internet Security and Acceleration (ISA) Server, as part of its Microsoft. ...
- Like many firewall products, ISA offers protection of the network from unauthorized access, defense from external attacks, the ability to inspect incoming and outgoing network traffic to ensure security and the ability to alert administrators to suspicious activity. ...
- Hong Kong-based online broker Celestial Asia Securities Holdings Limited (CASH) opted to beta test Microsoft's first security product to protect its 70,000 clients and found it better suited their needs than products from Cisco Systems Inc. ...
- ISA has also apparently passed the 90- to 120-day ICSA Labs firewall certification test, a gateway requirement for firms looking for a firewall, with flying colors; the firewall product only took about a month to complete the test. ...
- But is the picture for the product release as rosy because of its "easy to manage" reputation as Microsoft's research suggests? One security expert, Wayne Pierce, director of service development for Cambridge, Mass. -based Athena Security Inc. ...
- Pierce said that while Microsoft's beta testers and sources seem to be pleased with the ISA product, he said how easy it is to use may actually be a reason for concern. ...
25. Vmyths.com- Truth About Computer Virus Myths & Hoaxes
- www.vmyths.com
- CAN YOU NAME the one piece of software that needs more security patches than all other software on your computer, combined? The answer seems obvious when you compare these two companies: Name: Sophos .
- Total number of security patches issued in 2002: at least 226, just for a single computer security product (source: Sophos email alerts) .
- Total number of security patches issued in 2002: 72, for all products combined (source: Scott Culp, former manager of Microsoft's Security Response Center) .
- 3 security patches per week just for a single computer security product .
- 0 security patches per month for all Microsoft products combined .
- Ironically, you'll earn bad media coverage if your firm issues an occasional security patch for non-security products -- yet you'll earn good media coverage if your firm issues a relentless stream of security patches for a security product. ...
- Internet Security .
- Hoaxes NOT related to computer security .
- Security firm announces it will ATTACK customers at no extra charge! .
Other related topics:
Do you have a great site about Computer Security Product? Is
your Computer Security Product site listed here?
Would you like a prefered placement of your site in this directory?
It's easy! First place, the HTML from the box below on your page that
you would like listed in this directory.
Then use our link submission request with
your name, your contact information, and the URL of your site that has
a link to this directory. After we
verify your link to us, we'll make sure your site stays in our directory,
and we'll give it prefered placement here also.
Here is how to make a simple text link to us. Just copy the code in this
box to your website:
We can also develop a custom Guide To The Internet for your site. Please
request your own
custom Guide To The Internet.
This custom Guide To The Internet produced by
Siql. Visit us today, and find out how to get your own
custom guide to the Internet, and how to get your site
listed in our guides.
Copyright 1995-2004 by Siql. All
Rights Reserved.
