Security Balancetrying to bring balance to the Force |
 |
This blog has been quite silent lately as I haven’t been finding anything interesting to write about. Even the Verizon report, there’s certainly interesting stuff there, but so many people have talked about it that I don’t even feel compelled to do it. Anyway, there’s at least one thing to mention. I’ve just changed to a new role on [...]
It’s good to see that Visa is putting additional pressure for truncation and tokenization of card numbers. However, “PCI DSS solutions” in general cost money that the merchants and service providers in general don’t want to spend. They make sense from a technical point of view, but they incur in costs that would eventually drive those [...]
An interesting discussion has been produced by the blog post from HD Moore related to the value of learning assembly for penetration testing. It was intensively discussed on the cisspbr forum, but mostly because of other reasons. As HD said, almost all additional knowledge is useful. I agree with that, but I think we should [...]
This is a information security blog, but it’s also an opportunity to talk about an important cause. Please, take some time to donate (even one dollar) to the victims of the earthquake at Haiti: RED CROSS: www.redcross.ca WORLD VISION CANADA: www.worldvision.ca UNICEF: www.unicef.ca SALVATION ARMY: www.salvationarmy.ca MÉDECINS SANS FRONTIÈRES: www.msf.ca
I received an e-mail from (ISC)2 about their new social network website. I tried to use it, but I’ve got the following message: Sorry, an error has occured. You must be an (ISC)2 member and have JavaScript enabled in order to access the InterSeC Website. Please enable JavaScript in your browser, log back into the Member [...]
I’m ashamed that my blog has much more of these posts that it should, but yes, this is another one. I’m not posting anything here for some time, life has been a little more demading than usual for other “stuff”. My dog is quite sick (that’s expected for a 17 year old dog, isn’t it?) [...]
It was written some weeks ago by Stuart King. I love it. Two key points for me: “Many “experts” preach the importance of working through risk models. It’s a load of tosh. No matter which way you try to do it, you’ll always come out with the answer you first thought of. You might as [...]
That’s Google motto; however, there is really some room for thinking after watching the presentation from Ira Winkler. The most interesting thing is not only the huge amount of data that Google has, but their posture on inquiries and complaints about them. Still, they are usually seen as a “cool” company. As Ira said, what [...]
I must say that I should be writing ten times more than I’m actually doing these days. The main reason is that the subjects that I’ve been interested in writing about are so great that I don’t want to just throw a simple post about them. I’m trying to give some room to my thoughts [...]
Don’t you hate when you are reading what should be an independent article and suddenly the author starts to describe a solution to a problem with a list of stuff that “happens to be” just like the features of his company’s product? The guy is writing about processes and suddenly you find stuff like “a [...]
