And another Friday dawns. I hope yours goes well. Here we go with today’s bits.
From the Blogosphere.
Via Alan over at StillSecure, the Aberdeen Group is looking for some data on IT Security Patch and Vulnerability Management. To get it, they are asking for us to participate in a survey. We get a shiny report gratis if we do. I probably will.
There is post up over at tssci-security that is taking a look at a several of topics all mashed together, the value of the CISSP certification, specialist or generalist when it comes to InfoSec and a new project being put together by the OWASP group, the People Certification Project. Some interesting thoughts in both the post and comments. BTW – he references Dan Greer’s Source Boston keynote speech. It is well worth reading several times as I believe I have noted before.
Looks like there are some local root shennanegins that can be excersized on a Mac with versions 10.4 and 10.5 of Mac OS X installed. Good old suid fun, but does it really matter? Check out Zero Day’s post and come to your own conclusions.
The Princess of Antiquity is tackling fairly daunting task in bringing a series of articles to us about cryptography that are couched terms the layman can understand. The first is up and is well written. Check it out.
Tom over at Spylogic gave a talk about Online Social Networks: 5 threats and 5 ways to use them safely. He has made his presentaion available here.
JJ has some good guidance for us if we are considering the implimentaion of 802.1x. Very good stuff.
From the Newsosphere.
Via NetworkWorld, Mitchell Ashley reports to us that Red Hat has decided to develop their own virtualization platform based on the Kernel Virtual Mode which is built into the Linux kernel. Go read his article for the reasons for this decision.
Have a great Friday and wonderful weekend.