Open source code – in the form of libraries and frameworks – plays an important role in much of today’s software development. But it’s not without its risks. Many people assume that the open nature of the code means that it is heavily scrutinised and that , according to Linus’ Law, “given enough eyeballs, all bugs are shallow”. But open source… Read more »
» Listen or download now on the podcasts page » Is the real threat to our security APTs or apathy? We all know that the software on our systems contains vulnerabilities and needs constant patching. And malware generally attacks well-known vulnerabilities that we have the ability to fix. So why isn’t it done? “If you can implement a good vulnerability management programme,… Read more »
» Listen now or download on the podcasts page » Offensive Security used Black Hat Europe in Amsterdam to launch the next incarnation of its popular pen-testing Linux distribution. BackTrack has now become Kali – a name derived from a warlike god or an African word meaning ‘hot’ or ‘fierce’ – take your pick. It represents a somewhat surprising change in direction…. Read more »
Apple’s solution to the Flashback trojan problem is an interesting one, even though I suspect it’s going to annoy some people. The firm has released three Java updates in rapid succession, none of which appear to fix the original flaw that made the Flashback trojan viable. But the third update did include a removal tool for known versions of the… Read more »
What will it take to make our information systems secure? The answer is simple: an alternative universe in which these systems aren’t designed and built by humans. Take a look around. What can you find that was made by a human and doesn’t contain flaws? Even in great works of art – a Rembrandt portrait or a Mahler symphony –… Read more »