Financial Applications Security Weblog
Secure Applications for Open Markets
April 2002
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        
Mar   May

Home
Advisories
Web Services
Web Servers
Middle Tier
Databases
Mobile
Identification
Investment Banking Technologies
Retail Banking
Payment Systems
XML




Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.

Click on the coffee mug to add Pelle Braendgaard's Instant Outline to your Radio UserLand buddy list. 		 
 

10 April 2002
 

A quick intro to Buffer Overflows Attacks

Robert Vamosi over at ZDNet provides a great little not too technical introduction to buffer overflow attacks. You might use this to explain buffer overflow attacks to nontech personell etc.


11:34:16 PM      comment []  

Issues with CSI Cybercrime Survey

Jiri (?) from the brand new Security Weblog commented on my issues with the CSI survey and pointed out two great papers by Mich Kabay about the inherent flaws in computer security studies.

Agree. There is an old saying that goes something like statistics is just a sientific way of fooling people. Pelle points out that the interpretataion of CSI survey is dubious. What's more, sampling on which the survey was based is funny as well. Survey is responded to by security professionals from large organisations. This inevitably affects the results (that are then interpreted in the way outlined by Pelle). And BTW, there are two relevant papers on cyber crime surveys from Mich Kabay who happens to be a security professional and at the same time holds PhD in statistics.[Security weblog]


10:05:57 PM      comment []  


© Copyright 2002 Pelle Braendgaard.
Last update: 10/04/2002; 22:05:58. <