gazette | theater | bistro
| Ricci Street
< Port 80 < Shoreline
|| search | sitemap | help gazette | theater | bistro |
| | |
|
|
Over the past few years, students have sent me these links pertaining to security. I haven't tried to categorize them.
AICPA: CPA SysTrust Service
Cisco
Gets Serious About Security
by Rutrell Yasin
Internet Week, September 26, 2000
Cisco today unveiled a blueprint to help organizations embed security functions into their e-business infrastructures.
Snoopware
by Fred Langa
Snoopware -- software that monitors user actions on a PC or
LAN -- is in use everywhere. There's application- metering software that tracks
who's using what application on a LAN. There's nannyware: Web-use monitoring
software that can block access to specified "forbidden" sites, chat
rooms and such. There are proxy-level URL and IP loggers that track (and can
enable or block) accesses to any online resource.
I can see some legitimate uses for snoopware---but not many. And snoopware's
limitations, to me, far outweigh the benefits. As both an employer and as an
employee, when it comes to snoopware, I just say "no."
But what's your take? Is snoopware a good thing, or perhaps a necessary evil? Or
is it an Orwellian invasion of personal rights, and an attempt to substitute
technology for good management? Would you use snoopware on your employees? Would
you let it be used on you? Do you?
Network Fusion's specialized search for security info
The
Four Myths of On-line security
Langa's article in Winmag.com details taking steps to secure your PC from
hackers for free.
So, the trick to making your PC secure is to ensure that any dangerous settings or services (such as "print and file sharing”) are never needlessly connected to a protocol or adapter that’s accessible from the Internet at large, where hackers might exploit them. In other words, by carefully selecting what gets "bound” to what, you can ensure that inherently unsafe services and protocols are simply not accessible to or from your Internet connection.
http://www.acq.osd.mil/ec/ ***
http://www.sfnb.com/infodesk/security_menu.html
**
http://www.onlinecreditcardapplications.com/
**
http://www.ffhsj.com/bancmail/bancpage.htm
http://www.andromedia.com/
http://www.dialog.com/
http://www.hp.com/Ebusiness/main1.html
http://www.maxcommerce.com/
http://digitalid.verisign.com/server/about/
http://www.solucom.com/Home.htm
http://www.govcon.com/
http://www.detnews.com/1999/technology/9901/16/01150247.htm
NEW YORK -- Leading companies ranging from IBM to German publisher Bertelsmann have formed a global group to discourage governments from imposing Internet taxes and other measures that could hurt business over the Internet.
http://www.thestandard.net/article/display/0,1151,541,00.html
The federal trade commission said last week that the private sector's first attempt at self-regulation on the Internet was a resounding disappointment – an assessment that threatened to undo the Clinton administration's vaunted "hands-off" policy.
http://www.heartland.org/studies/kopel-ps.htm
Residential broadband access to the Internet is becoming a reality around the country as long-distance telephone and cable companies spend billions of dollars digitizing the nation’s cable television network. Competition within the cable industry and among cable and providers of other broadband technologies is intense. Against this background, a group of Internet Service Providers, content providers, and local phone companies is demanding access to cable networks on terms as favorable as those that the cable companies offer to their own Internet affiliates and subsidiaries. Granting their demands would endanger future investments in broadband systems, pose insurmountable technical problems, and harm rather than benefit consumers.
Note: this site had executive summaries as well as full-blown articles. It was helpful.
Justice Unveils Wish List To Curb Cyber Crime
by Mary Mosquera
March 10, 2000 ]
Federal powers may need to be expanded to track down cyber criminals, the Justice Department said Thursday. A report released Thursday covered the challenges and highlighted a wish list for curbing unlawful conduct over the Internet
http://www.informationweek.com/search.cgi?site=iwk&action=FilterSearch&filter=unifilter.hts&queryText=government+regulation+of+internet&SEARCH-97=Refine+Search&sort=best
Legally
Binding E-Documents Move Closer To Reality
March 06, 2000
http://www.nipc.gov/
note: This govt site has a lot of information re: cooperative efforts to share security information.
http://www.cio.gov/docs/lawsregulation.html
EXECUTIVE ORDER
NATIONAL INFRASTRUCTURE ASSURANCE COUNCIL
By the authority vested in me as President by the Constitution and the laws of the United States of America, including the Federal Advisory Committee Act, as amended (5 U.S.C. App.), and in order to support a coordinated effort by both government and private sector entities to address threats to our Nation's critical infrastructure, it is hereby ordered as follows:
http://www.cybercrime.gov/
COMPUTER CRIME & INTELLECTUAL PROPERTY SECTION
CRIMINAL DIVISION
January 1999
http://www.alw.nih.gov/Security/security-www.html
This page contains pointers to WWW sites that provide information about computer security. The sites are organized by topic.
http://www.cpi.seas.gwu.edu/
The Cyberspace Policy Institute, established in October 1993, is a center for GW and the Washington area for the analysis of policy problems that have a significant computer systems component. Inside GW, the Institute brings together researchers with interests in these areas, bridging discipline barriers, much as the new information age is bridging cultural and geopolitical barriers. Outside, it works with government and private organizations to examine important issues in computer and communications systems policy.
Note: this is great for those who are interested in those organizations working together for the common good.
What we do and who we are
NEW! NSA FAQ
National
Cryptologic Museum
NSA's Cryptologic History
Places and Documents of Historical Significance
INFOSEC
Information Systems Security
Public Information Release Programs
Mathematics &
Educational Opportunities
Domestic Technology
Transfer
Outreach to the Educational and Technical Communities
http://csrc.nist.gov/isptg/html/
NIST Special Publication 800-XX INTERNET SECURITY POLICY: A TECHNICAL GUIDE
Barbara Guttman
Robert Bagwill
http://www4.law.cornell.edu/uscode/2/ch15.html
Cornell's Computer Policy and Law Program was founded in 1996 to provide leadership to institutions developing technology policies. While our primary focus has been on colleges and universities, we have also worked with the National Education Association and others in the increasingly important area of K-12 education.
Infoseek: M-Tech offers computer password and security products and services, including a password synchronization utility that works on many platforms, such as Novell NetWare, NDS, Windows NT domains, and ... DirectHit: M-Tech offers computer password and security products and services, including a password synchronization utility that works on many platforms, such as Novell NetWare, NDS, Windows 1000
http://www.m-tech.ab.ca/papers/
http://www.handsofftheinternet.org/
Associated Press -- No Internet Tax Likely Anytime Soon
http://www.isoc.org/
Internet Society Mission Statement
"To assure the open development, evolution and use of the Internet for the benefit of all people throughout the world."
Tech Law Journal
http://www.techlawjournal.com/
Stefan Kelm's The PKI page
This page contains links to various sites and documents, the focus of which are on all topics related to Public Key Infrastructure (PKI) material, especially links to all certification authorities (CAs) I'm aware of. Some links may be missing, other links may be out of date so please check back from time to time since I'm regularly updating this page which by definition is far from being complete. Please let me know about missing links.
http://www.tbtf.com/archive/0179.html
- s05
Freedom Forum story is much reported and overblown
http://jya.com/bernstein-9th.htm
The President of the United States has determined that the uncontrolled export of encryption products would compromise this country's foreign intelligence-gathering capabilities and jeopardize important national security and foreign policy interests. The President therefore has directed the Department of Commerce to regulate the export of encryption products under the Export Administration Regulations (EAR).
The key appears to be protecting all of cyberspace from
predatory programs that recruit dozens, even hundreds, of unsuspecting machines
in a denial of service (DOS) attack. Internet service providers could install
filters on the data they ship, to sift out evil pings. Several security firms
hope to introduce "zombie agents" that sniff out unwanted scripts.
Another company, RSA Security, claims it has created a method that, when an
attack is sensed, requires visiting computers to solve cryptographic
"puzzles"—a task that will overwhelm the attacking machines.
Time
story
So if you're looking for a hot stock in the Internet world, you might want to consider one of these cyber-security firms. After all, if there's one thing scarier than the notion of a bored kid holding America's economy hostage with a new smurfing program, it's the prices these types of firms will be able to charge for their services.
It might be interesting to compare this mainstream old-media coverage with computer industry coverage, for example:
Internet.com's Internet News
CMP's
InternetWeek
And with new-media coverage:
The ClickZ network
E-Commerce Times
|
||||||||||||||||||||||||||||||||||||
