Access "Bruce Schneier, Marcus Ranum debate home users and security"
This article is part of the September 2007 issue of How to dig out rootkits
Home users: a public health problem? Bruce Schneier Point To the average home user, security is an intractable problem. Microsoft has made great strides improving the security of its operating system out of the box, but there is still a dizzying array of rules, options and choices users have to make. How should they configure their antivirus program? What sort of backup regime should they employ? What are the best settings for their wireless network? And so on. How is it possible that we in the computer industry have foisted on people a product that is so difficult to use securely, it requires so many add-ons? It's even worse than that. We have sold the average computer user a bill of goods. In our race for an ever-increasing market, we have convinced every person that he needs a computer. We have provided application after application--IM, peer-to-peer file sharing, eBay, Facebook--to make computers useful and enjoyable to the home user. At the same time, we've made them so difficult to maintain that only a trained sysadmin can. And we wonder why home users... Access >>>
Premium Content for Free.
Database Security: Oracle Database Vault
Oracle Database Vault
At Your Service: Atlas Vigilar
What CISOs need to know about computer forensics
With computer forensics needed for civil litigation, human resources investigations and criminal cases, organizations need to ensure they're prepared and evidence is preserved. This feature details steps involved in computer forensics, common missteps, and forensics resources.
Consolidation's impact on best-of-breed security
Standalone security vendors are attractive targets for large infrastructure players such as EMC. This feature looks at the consolidation in the security market and the potential for best-of-breed security to eventually disolve into a mashup of suites and services by big vendors like EMC, IBM, Microsoft, and HP.
Intrusion Prevention: Stonesoft's SGI-2000S IPS
CA Host-Based Intrusion Prevention System
- Database Security: Oracle Database Vault
Norman SandBox Analyzer Pro
Rootkit detection and removal know-how
Get advice on how to detect malware and rootkits and the best ways to achieve rootkit removal and prevent hacker attacks.
Logical, physical security integration challenges
Integrating physical and IT security can reap considerable benefits for an organization, including enhanced efficiency and compliance plus improved security. But convergence isn't easy. Challenges include bringing the physical and IT security teams together, combining heterogenous systems, and upgrading a patchwork of physical access systems.
SIM and NBA product combination is powerful
The recent announcement that Mazu Networks, a provider of network-based analysis (NBA) tools, and eIQnetworks, a supplier of SIM products, underscores the trend towards convergence in the NBA and SIM markets. The value proposition is clear: two useful network/security data analysis tools in one integrated package.
- Malware Analysis
Bruce Schneier, Marcus Ranum debate home users and security
by Marcus J. Ranum, Contributor
Bruce Schneier and Marcus Ranum debate how to deal with the security problems posed by home computer users. Both dismiss user education, but Schneier believes ISPs should be forced to become IT departments while Ranum argues that building simpler systems is not the answer.
Ping: Nate Lawson
Perspectives: The Lesson of Estonia
Prof. Dorothy Denning writes the cyberattacks on Estonia and how they took activism to a new level.
Time to take cyberterrorism talk seriously
With the power of botnets, SCADA systems becoming less proprietary and the recent attacks on Estonia, have we reached an inflection point where we need to take the likelihood of cyberterrorism?
- Viewpoint: Correlate SIMs and log management
- Bruce Schneier, Marcus Ranum debate home users and security by Marcus J. Ranum, Contributor
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...