"Designing a cryptosystem is hard. Just as you wouldn't give a person -- even a doctor -- a brain-surgery instruction manual and then expect him to operate on live patients, you shouldn't give an engineer a cryptography book and then expect him to design and implement a cryptosystem. The patient is unlikely to survive, and the cryptosystem is unlikely to be secure."
- Pandu ● IT Optimizer
"AV-Comparatives rated the security companies from best to worst: Advanced+: Microsoft, ESET, Kaspersky; Advanced: AVIRA, G DATA, BitDefender, eScan, Sophos, Symantec, McAfee; Standard: AVG, TrustPort, Avast, F-Secure; Tested: Norman, Kingsoft"
- Mike
New PHP Exploit on the Loose - More about the new incarnation of Gumblar - Martuz.cn, now affecting more than 3,000 websites, including and beyond WordPress blogs & PHP-based sites. The latest on how to recognize it and remove it from your PC and website. - http://www.techjaws.com/new-php...
Researchers hijack botnet, score 56,000 passwords in an hour. Why you need to think about how you create, store and use your passwords. http://arstechnica.com/securit...
Problem in JavaScript execution leads to major vulnerability. Until a patch is released, users should disable JavaScript in Adobe and Reader.
- Mike
"The virus was responsible for shutting down the court system in Houston, Texas this week. About 475 of the city's 16,000 computers were affected by the virus, which first appeared last Wednesday ..."
- Mike
Explains why standard instructions for disabling autorun are inadequate, and how to do it right. Autorun has been a big factor in the spread of much malware, since the computer automatically runs whatever is specified on a removable storage device.
- Mike
Two-part tutorial on how to set up and use the *built-in* RADIUS server in the low-cost but high-quality Zyxel NWA-3160 access point. Part 2 of the tutorial is at http://www.wi-fiplanet.com/tutoria.... "In this new two-part tutorial, we will walk readers through step-by-step instructions for setting up an AP's internal RADIUS server. For this series, we used the NWA-3160 AP from ZyXEL. The beauty of this solution is the simplicity of the money-saving workaround. Even if you already have an existing wireless network, you can add a single NWA-3160 (or another similar AP) and use its RADIUS server for the network, enabling 802.1x authentication and WPA-Enterprise encryption implementation at a fraction of the cost of a traditional server. In other words, only one NWA-3160 is needed; it can serve as the RADIUS server for all the other APs on the network."
- Mike
"We are one of the internet's leading anti-phishing sites, maintaining a massive archive of phishing and identity theft email scams."
- Mike
"We wanted to study an attack class we call impersonation attacks, i.e., all attacks in which an attacker wants to steal a credential from a victim in order to impersonate as the victim at a provider." Tells about the large number (thousands to tens of thousands) of stolen credentials they found, and mentions how to avoid being a victim.
- Mike
Some suggestions are better than others (I don't think most people are really going to go for steganography) but it's certainly a list to get you thinking about how secure your data is.
- Mike