PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2008

Poor development practices lead to continued security problems

How is it that in spite of all the work we've done, all the research we've performed, all the best practices we've developed, all the clever technology we've created and all the awareness we've raised, important systems vital to daily life are still suffering fatal security failures? A researcher recently announced that SCADA systems actually are pretty easy to hack, and it would be a bad idea to connect them to the Internet. Well, this doesn't come as any news. We've also learned that an access control technology used for the London transport fare card system is vulnerable to attack. Equally unsurprising, a July research report from a group at UC Santa Barbara describes multiple concerns about the integrity of voting machines from two different manufacturers. According to the group's carefully reasoned document, "knowledge of basic security concepts, their application, and defensive programming practices should be prerequisites for the developers of critical systems such as an electronic voting system." This idea undoubtedly ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • Product Review: Symark PowerADvantage 1.5

    Symark's Symark PowerADvantage allows Unix hosts to become member servers of an AD forest and leverage AD's centralized user management and authentication capabilities.

  • Product Review: Shavlik's NetChk Compliance

    Shavlik's NetChk Compliance automates compliance and provides control by actively managing system and security settings and allows the IT manager to identify and mitigate risks.

Columns in this issue