All Posts


Microsoft to CIOs: Drop Dead

Microsoft’s new advice for securing Active Directory does customers a disservice by focusing on the wrong things. Tomorrow’s “Zero Trust” and Azure roadmaps won’t stop today’s ransomware epidemic. Enterprises need to protect the Active Directory they’ve already got.

Retired Comedians and Missed Opportunities

There’s this old joke about a comedians’ retirement home that goes something like this:

An aging comedian decides to retire to a community that has just other comedians living in it. On his first day there, he goes down to lunch, and there’s a bunch of retired fellow comics sitting around the table.

The Futility of Geographic Security Metrics

While I would not call this a trend, I have noticed that lots of security companies like to put together impressive-looking charts, graphs and reports that purport to compare various metrics by country. Here are two recent examples:

SANS, Schadenfreude and the Mac

I’ve got to wonder what planet the SANS people live on these days. Apparently, in an effort to make their semi-annual Top 10 list of vulnerabilities appear “fair and balanced,” they’ve decided to whip up panicky sentiments towards Mac OS X.

I won’t offer either of the usual obligatory and contrary platitudes on this subject (“Dood! Macs are invulnerable” or “of course, no system can ever be 100% secure”), because you know them already. Other folks, like Scott Bradner, have made the latter argument well. But I will say that I think this stuff is a tempest in a teapot, designed to get some press for SANS.

Blended Threats == Hemlock Smoothies

An open letter to all anti-virus software makers: February 2, 2006 Dear Antivirus Industry, Why are you so addicted to the term “blended threat”? It seems to mean something special to you… but it means nothing to anybody else.

The Symantec Threat Report: Read Between the Lines

Like many other people, I’ve downloaded and read the semi-annual Symantec Threat Report. I’ve always been a fan of this publication, which provides a level of texture, richness and depth about malware and threat trends that isn’t easy to get anywhere else. Symantec understands they’ve got an exploitable asset—their DeepSight sensor network—and they’re flogging it for all it’s worth. Good on ’em.

There’s been plenty of ink spilled in the press (e.g., Computerworld, El Reg) about what the latest report means. Controversies and headlines abound: is Firefox really less secure than IE? Are Mac users living in a “false paradise” as the report claims? Are botnets running the universe?

All of these are important questions, and the report gives information on all of them. I recommend you read the report for yourself, and reach your own conclusions. That said, I find the report more interesting for what it doesn’t say. Reading between the lines is the best way to read the Symantec Threat Report.