|
|
Monday, February 09, 2004
|
|
| |
Mickey Mouse blesses Microsoft DRM.
Question: What is the minimum encryption strength you can use in your enterprise and still gain value?
Answer: 1-bit. Yes, that is not a typo and I understand that there is no such thing as 1-bit encryption. And who knows, it may take the same or even less computation power than ROT-13, but it is a start. Here's why - stories like the one above are always interesting because they simultaneously decry the move towards DRM (get ready - it's coming) and laugh at its weakness. But complete security is a fairytale - there is always a way to break this stuff. What encryption does is put a line in the sand that says "this is encrypted and you know it. If you try to break it, there is no way you can claim ignorance or naivete. Bottom line is you are committing an illegal act (assuming it is copyrighted material, etc.). Then, let the courts decide.
9:32:09 PM 
|
|
A Patch in Time
It is way too easy to knee-jerk your way through patch management, but it can be time consuming and expensive, not to mention risky. This article covers the basics of patch management. There seems to be a lot of good coverage on patch management, so I tried to mix it up a bit and take the spin that Beattie, et. al. took in their Timing the Application of Security Patches for Optimal Uptime. The basic idea is to be a bit smarter about how and when to patch systems.
8:53:32 PM
|
|
While I think there are a handful of alternatives available to stop viruses and worms like MyDoom, it appears that many enterprises are resorting to the "brute force" method. That is, strip all attachments, quarantine everything, etc... There certainly are more precise ways to address the problem. The cost of prevention (in lost end user productivity due to filtered email/attachments, etc.) becomes a factor in the all-or-nothing scenarios.
5:45:05 PM
|
|
|
|
© Copyright
2004
Pete Lindstrom.
Last update:
5/15/2004; 10:13:45 PM.
This theme is based on the SoundWaves
(blue) Manila theme. |
|
|
