Do you trust standard RFID cards to perform a security function? Probably; most companies use electronic access cards based on RFID, such as those made by HID, to open doors. Unfortunately, they’re not much more secure than a secret handshake - someone could easily watch you do it, and then repeat it himself as needed. [...]
Microsoft TechNet has released their March 2007 issue, which includes part two of Inside the Windows Vista Kernel. This article covers dynamic memory management, ReadyBoost and related features, and the new Credential Provider architecture (replacement for GINA). It’s a good overview, but I wish there was more detail available. This is at least a start [...]
This article on Dark Reading presents several security risks created by virtualization - at least according to a few experts. I think they are neglecting to mention enough of the security benefits that virtualization technologies (such as VMware and Xen) can provide. In my mind, the advantages of virtual machines outweigh the few added risk [...]
NIST just released three great guides relating to network security. SP 800-45 is entitled Guidelines on Electronic Mail Security [pdf], and addresses topics such as securing a mail server, content filtering, various email standards, and of course email encryption and signing.
Also new, SP 800-84 is called Guide to Intrusion Detection and Prevention Systems [pdf]. It [...]
A guy who runs SETI@home on a bunch of his computers used it to locate and recover his wife’s stolen laptop! The SETI client application sends its results to the main database every few days, and then downloads new work to do. Well, when this connection happens, the SETI database logs the client’s IP address. [...]
