In today's crop of Bits we have more FAIR analysis, a couple articles about surveillance in the US, a patch for Win 7 Beta and other Microsoft products, a great visualization of application security relationships, virtualization security info and some helpful data recovery advice.

  1. Part 2 is up. The more I read about and see FAIR (Factor Analysis of Information Risk) in action, the more I like it.
    Risk Scenario - Hidden Field / Sensitive Information (Part 2 of 4) << Risktical Ramblings
    Tags: ( risk assessment fair )
  2. A new project over at Electronic Freedom Foundation. Very interesting information.
    The SSD Project | EFF Surveillance Self-Defense Project
    Tags: ( privacy surveillance eff )
  3. This article contains links to some really interesting information. If you are concerned or curious about surveillance in the U.S., you should give it a gander.
    Report: U.S. Surveillance Society Running Rampant | Threat Level from
    Tags: ( surveillance )
  4. The first patch is out of Windows 7 Beta. Be warned that it does not address the SMB issue which does exist for Windows 7 Beta. Read the article for the details.
    Microsoft issues first Windows 7 beta patch
    Tags: ( vulnerability microsoft patches )
  5. Some good information about Microsoft's January patches.
    Inside the MSRC: Microsoft describes Server Message Block update
    Tags: ( vulnerability microsoft patches )
  6. I'm going to print this out and hand it on my wall. Great visualization of application security and how the different pieces relate and interact.
    Jeremiah Grossman: The World of Web Security
    Tags: ( appsec webappsec taxonomy )
  7. Continuing a series on virtualization security, Ryan points out some of the risks inherent in server virtualization.
    Virtualization Security Part 2 - PandaLabs
    Tags: ( virtualization )
  8. A nice post with some really good advice on being prepared for hard drives which are having problems.
    Data Recovery from Dead Drives | Forensics, Security, Auditing | Enclave Forensics
    Tags: ( data recovery )
  9. Another tool that builds a focused word list for brute force password attacks.
    The Associative Word List Generator (AWLG) - Create Related Wordlists for Password Cracking | Darknet - The Darkside
    Tags: ( password wordlists )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.


Reblog this post [with Zemanta]