Friday, June 29, 2012

GAO: Cyber Threats Facilitate Ability to Commit Economic Espionage

Another day, another warning, another restatement of the obvious. In the summary, it's noted that in past reports the GAO has made hundreds of recommendations to better protect federal systems, critical infrastructures, and intellectual property. The implication is that prior warnings have gone unheeded, and little's been done about these threats and vulnerabilities from both technology and personnel.

Thursday, June 21, 2012

New Android Malware Is Disguised as a Security App

Nothing really new here, is there? Just some old scam moved to a new platform. We should expect this. Sometime soon, in order to make these appear more legitimate, will these apps carry a price tag and require payment?

Thursday, June 14, 2012

Turtle Crossing

Just too strange. We're zipping down Route 6 toward Herring Cove Beach in Provincetown when someone said, "Look at that sign. It says 'Turtle Crossing.'" Then, we saw a turtle crossing the road. What are the chances? Not wanting to see the turtle flattened by some speeding vehicle, we doubled back to help it. By the time we made the U-turn, the turtle was gone. I guess it got to the other side. What's this got to do with information security? Nothing.

Wednesday, June 13, 2012

World IPv6 Launch Day

Well, I was on vacation last week, and realized upon my return that I'd missed World IPv6 Launch Day on June 6. Gee, 6/6. Good thing it was 2012 and not 2006 (666). I wonder if anyone did something special to celebrate. Based on sales of books such as Security in an IPv6 Environment and Handbook of IPv4 to IPv6 Transition: Methodologies for Institutional and Corporate Networks, either no one cares or it's very simple.

Thursday, May 31, 2012

The 7 Qualities of Highly Secure Software

We just published The 7 Qualities of Highly Secure Software by Mano Paul. Providing a framework for designing, developing, and deploying hack-resilient software, this book uses engaging anecdotes and analogies—from Aesop’s fables and athletics to architecture and video games—to illustrate the qualities needed for the development of highly secure software. Each chapter details one of the seven qualities that make software less susceptible to hacker threats. Filled with real-world examples, the book explains complex security concepts in language that’s easy to understand, supplying readers with the understanding needed to build secure software.

This excerpt discusses the need for building security into software. Building security in is about proactively designing and developing appropriate security controls into the software. The quality of building security in, which results in highly secure software, can be achieved by addressing the people, process, and technology components of the software engineering process.

Wednesday, May 23, 2012

86% Say No to ‘Dial High Club’: Travellers against Phones on Planes

Well, travellers are apparently on the side of sanity and good sense. I know it's too much to expect the same from carriers. Just because you're able to do something, doesn't mean you should. We can only hope that they somehow require access charges as they do with WiFi, and that the charges are exorbitant. At least there's a "quiet car" on my commuter train, although it should be just one "loud" car, leaving the rest of us in peace and contemplation. "Make the pain go away!"