general
On the utility of technical security
- Albert Zenkoff
- 2013-02-07
- Management, error, general, human, inevitability, management, passwords, recovery, security, weakest link
It is often said that the system is only as strong as the weakest link. When you have good security and strong passwords, the weakest link will be the human. As has always been. Think of how the system can be recovered from a breach when the problem is not technical but human. [youtube=http://youtu.be/W50L4UPfWsg]
Read More
Common passwords blacklist
- Albert Zenkoff
- 2013-01-09
- Technology, blacklist, brute force attack, general, Password, password database, password verification, passwords, rules, technology
Any system that implements password authentication must check whether the passwords are not too common. Every system faces the brute-force attacks that try one or another list of most common password (and usually succeed, by the way). The system must have a capability to slow down an attacker by any means available: slowing down system ...
Read MoreQuantitative analysis of faults shows that…
- Albert Zenkoff
- 2012-11-11
- Management, code, Development, general, good code, good developer, inevitability, learning, quality, quantitative analysis, research
Not to worry, we are not going to get overly scientific here. I happened across this extremely interesting paper called “Quantitative analysis of faults and failures in a complex software system” published by Norman Fenton and Niclas Ohlsson in ye god old year 2000. The paper is very much worth a read, so if you ...
Read More
Supply chain: Huawei and ZTE
- Albert Zenkoff
- 2012-10-14
- Management, China, general, Huawei, news, supply chain, supply chain security, telecom equipment, USA, ZTE
US House of Representatives published an interesting report about their concerns with Huawei and ZTE, large Chinese telecom equipment providers. The report states openly that there are concerns that the equipment, parts and software may be manipulated by the Chinese government agencies, or on their behalf, in order to conduct military, state and business intelligence. ...
Read MoreWelcome to “Holy Hash!”
- Albert Zenkoff
- 2012-07-14
- General, basics, fun, general, lighter side, security, why
This is a lighter software security blog. I start it now mainly because of two reasons. First, something has to be done. The recent break-ins at the likes of LinkedIn and Yahoo show that even at the large companies people do not understand the basics of security. By looking at what is proposed and advised ...
Read MoreAbout the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.
Share and stay updated
Share and stay updated
About the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.