[ Book Review ] :: CISSP Training Kit (Microsoft Press Training Kit) 1st Edition

This year (2015) is the year the CISSP changes from a 10-domain test to an 8-domain test, beginning April 15, 2015. I teach certifications, and always find these updates tricky: often the new materials don’t come until six months later. As I write, almost all the new CISSP books are only “Available for pre-order.” So …

When Security Is Too Hard For Your Mother: a Dark Matters article

We in the US have been getting our InfoSec pants pulled down and our lunch money stolen on the playground for months, years now. I’ve bitterly complained about the nation/state actors and the non-nation actors and our own government actors, with all the usual results of complaining. We’d better get serious immediately, at the personal …

Advanced Q&A at Super User

“Super User is a question and answer site for computer enthusiasts and power users. It’s 100% free, no registration required.” http://superuser.com/

Gearing Up the Workforce: Will the “crash courses in coding” model work in Albuquerque?

I’ve been thinking a lot about this business model since long before seeing this article in the Albuquerque Journal: http://www.abqjournal.com/386690/news/crash-courses-in-coding.html The article comes out of an Atlanta paper and primarily deals with two companies in that area, Tech Talent South and The Iron Yard, both of which work on the theory that months of intensive …

“So You Like Pain and Vulnerability Management?”

Executive Summary: You will never catch up when you try to do security through patch management. The unknown vulnerabilities are, by their nature, unknown. And the zero-day vulnerabilities will always be irritatingly one day ahead of your malware detection. Instead, understand and implement proper operational controls. See the full article at http://www.tripwire.com/state-of-security/vulnerability-management/so-you-like-pain-and-vulnerability-management/ Discussion: Substantial changes …

Francis Bacon’s Biliteral Cypher: How to make anything signify anything

One of the contributors to Hacker Highschool has been turning me toward some very interesting examples of early cryptography. Have you ever heard of his biliteral (not binary) cypher? This is one any student of security should read, particularly when you realize that the accompanying photograph of WWII soldiers is itself an encoded message! http://www.cabinetmagazine.org/issues/40/sherman.php …