Page Content

CERIAS at Portland OSCON 2006


Just a reminder: next week I’ll be in Portland at OSCON 2006.  I’ll be moderating the PHP Security Hoedown wednesday night.  If you’re interested in meeting up and talking about web app security stuff or CERIAS, please drop us a line at oscon@cerias.purdue.edu.

We heart Sun


Our superfriends at Sun were kind enough to bless us with 13 new servers today: 10 Sun Fire X2100s and 3 Sun Fire X4200s:


Sun has been one of CERIAS’ biggest supporters over the years, and their monetary and hardware contributions have been invaluable.  These new machines will be put to good use in experiments, handling our Sun Ray clients, and making our web sites run a zillion times faster.  Wee!

Security expert recommends ‘Net diversity - Network World


I recently did an interview with Network World magazine.  The topics discussed might well be of interest to readers of this blog.
[tags]network security,risk management,diversity,security trends[/tags]

[posted with ecto]

Re:  Security Absurdity


This is a great blog posting: Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security.  The data and links are comprehensive, and the message is right on.  There is a tone of rant to the message, but it is justified.

I was thinking of writing something like this, but Noam has done it first, and maybe more completely in some areas than I would have.  I probably would have also said something about the terrible state of Federal support for infosec research, however, and also mentioned the PITAC report on cyber security.

[posted with ecto]

Passwords and human memory


[tags]passwords, human factors, general security[/tags]
Today, I found a pointer to this short news story: Password Security is Her Game.  Here’s a quote from that story:

Many users have half a dozen passwords to remember. That’s why the most common password is “password.” The usual solution is to write it down. But how secure is that? Practicality wins. The probability of remembering six passwords is not that great. Half the people who say they never write down their passwords need to have their passwords reset because of forgetting.

I wasn’t going to post anything else on passwords so soon, but this seemed particularly pertinent.  Plus, the researcher is a Purdue alumna. grin