What we're reading, week of 6/30

by VPNHaus | 06/30/2008

From Schneier on Security…

Security and Human Behavior

Bruce Schneier contributes this very thought-provoking post from the first “Security and Human Behavior” workshop, prompting a discussion of how perception and human psychology affect not only the way people assess their security, but the way security professionals devise solutions for problems. Schneier asserts that “[m]any real attacks on information systems exploit psychology more than technology. […] Technical measures can stop some phishing tactics, but stopping users from making bad decisions is much harder. Deception-based attacks are now the greatest threat to online security.” Agree or disagree?


From Rational Survivability…

VirtSec Not A Market!? Fugghetaboutit!

Christofer Hoff responds to the current discussion among bloggers of whether or not virtualization security is a market unto itself. Hoff’s position: VirtSec is simply the next step in the evolution of the existing InfoSec market.


From Security Fix…

Forty Percent of Web Users Surf With Unsafe Browsers

Some interesting statistics here – from a Swiss study revealing that nearly half of Internet users over an 18-month period were not using the most updated, currently patched version of their web browsers. Brian Krebs at Security Fix takes a stab at explaining why: most browsers have a woefully inadequate process for pushing updates to their users.