The Password Dilemma
I heard parts of this topic on the radio the other day and didn’t really understand the guy’s point since I only caught the tail end of the discussion until I read this article from the Boston Globe. In a nutshell, it challenges the notion of using and changing passwords as required by most organizations and as preached by security professionals. The research described in this article also challenges many of the security best-practices advocated by security experts and how they are actually a hindrance to shall we say, progress.
One thing that I’d like to point out though, it does not take a genius to create a strong password, which for all accounts and purposes there is no such thing. It gives as much protection as a locked door knob to your house. It gives you a layer of protection, but not the protection. Just like a door knob, it can help prevent casual intruders, but not those who are really intent in breaking in. But, I digress. Read more
Information Technology Project Management (with Microsoft Project 2007 CD-ROM) (Paperback)
Review
Ray Guidone, “I feel the author has done a good job of keeping the text simple and well directed.”
–This text refers to an alternate
Paperback
edition.
Information is traveling faster and being shared by more individuals than ever before. Information Technology Project Management, Sixth Edition offers the “behind-the-scene” aspect of technology. Although project management has been an established field for many years, managing information techn (more…)
Yeah Boy! Yah Suck! – David Pogue | Microsoft
This week’s, Yeah Boy!!!
I don’t know if you’ve heard of David Pogue, New Technology Columnist for NyTimes.Com. His website is aptly named: DavidPogue.com. I first got turned on to him (no he did not turn me on 
) when he did the keynote for a marketing conference I attended in Las Vegas about 2 years ago. The man has proven that he had the gift for writing, the gift of gab, he delivers his stuff in a very down-to-earth and funny fashion (both in text and in speech) and as he demonstrated in that keynote speech, he got musical skills, too. He explained that Music was actually his major in college and becoming one of the most recognized and respected tech reviewer in the web today is quite a feat indeed. Read more
Does Microsoft Even Care? Technet willing host of Spammers…
I was out of commission for the past two days, not because I was sick, but is simply loaded with other commitments and barely had any chance to pee… 
…
Anyway, an unavoidable facet of blogging or the Web 2.0 framework in general, wherein the web publisher allows their visitors to submit entries such as comments, is the fact that you will be dealing with a lot of spammers who will use every trick in the book to exploit your system. This blog is no exception. I do, however, care and try to monitor and try my best not to let spammers inundate this blog with useless crap.
It is a standard practice for all Web 2.0 systems developers to provide some form of spam protection in their system and it is wise for the users of these systems to utilize these protections in order for them to avoid getting their site inundated with junk and their mailbox with even more junk. Read more
Bum-A-Post Wednesday: How to Fix a Computer or PC that is Not Booting/Starting Up? How Can I Fix my PC Without Having a Boot CD? Where Can I Get a Boot CD for Windows?
How to Fix a Computer or PC that is Not Booting Up? How Can I Fix my PC Without Having a Boot CD? What Should I Do if I Don’t Have a Boot Disc? Where Can I Get a Boot CD for Windows?
One of my friend’s computer had numerous problems. He used to ignore all the error messages he gets in his Windows XP and continued to work with it, until the day it became dead.
And he asked me how he could revive it, because he was not even able to start his computer and didn’t know where his boot CD was. Read more
Join Me On Facebook
Business Tech Press Releases- Advocacy Groups Embrace "Extreme Data Mining" to Prove Clout on Capitol Hill February 6, 2012
- AJRR Announces Launch of National Joint Replacement Registry Using Remedy Informatics' Next-Generation Registry Software February 6, 2012
- Faruqi & Faruqi, LLP Announces Investigation of JDA Software Group, Inc. February 6, 2012
- ZTE Honors Xilinx With '2011 Best Comprehensive' Performance Award For Outstanding Technical Support, Quality & Delivery February 6, 2012
- Express Scripts, Inc. Announces Pricing of $3.5 Billion Senior Notes Offering February 6, 2012
- From the National Vulnerability Database
- CVE-2011-4872 (desire_hd, desire_s, droid_incredible, evo_3d, evo_4g, glacier, sensation_4g, sen...) February 4, 2012Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STA […]nvd@nist.gov
- CVE-2011-4512 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HT […]nvd@nist.gov
- CVE-2011-4879 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attac […]nvd@nist.gov
- CVE-2011-4514 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. […]nvd@nist.gov
- CVE-2011-4510 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or H […]nvd@nist.gov
- CVE-2011-4878 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via […]nvd@nist.gov
- CVE-2011-4877 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted […]nvd@nist.gov
- CVE-2011-4513 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. […]nvd@nist.gov
- CVE-2011-4876 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modi […]nvd@nist.gov
- CVE-2011-4511 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or H […]nvd@nist.gov
- CVE-2011-4872 (desire_hd, desire_s, droid_incredible, evo_3d, evo_4g, glacier, sensation_4g, sen...) February 4, 2012