Information Security Drivers

Is it possible to acheive total and complete information security? The answer today is no.

On occassion, it is easy to become complacent and make an assumption of security. Implementing effective counter measures to possible breaches of security can give an over confidence in our perception of the level of security in our systems. The reality is that our applications and systems become increasingly more complex. The primary challenge of any development of technology is making something that works, making something that works but also has perfect security is a pipe dream. Modern operations systems can contain upwards of 50 million lines of code. There are always holes in applications and operationg systems. If you doubt this, check the amount of security patches released by any OS vendor you know.

With this is mind effective security becomes about understanding that it’s not possible to fill every hole and block every gap […]

Internet Threat Monitors and Widgets

Have you ever wondered if there’s an early warning or monitoring tools on the internet to track security threats and virus outbreaks? Well, the answer is yes. There are quite a few, primarily from Anti-Virus/Anti-Malware Vendors. As yet there doesn’t appear to be a co-ordinated conslidated monitoring system for the whole internet, but it is possible to incorporate the tools mentioned above into web pages to get a consensus view.

Check out the widgets below to find the latest information on current virus, malware and other threats.

Cryptography – Before & After Public Key.

What better way to kick off an Information Security blog than with a video from the computer history museum on Cryptography? Whitefield Diffie is the speaker in this hour long presentation on cryptography history and is also one half of the Diffie Hellman duo who claim to have engineered this new approach. The same claim comes from GCHQ in the United Kingdom and the two research finding were published a matter of months apart.

Public Key cryptography is implemented by generating a pair of keys (numbers) which are mathematically linked. One is deemed the “Public Key” which is available to all and the other is the “Private Key” which is held by the intended recipient of the information which will be encrypted.

The Public key is used to Encrypt and the Private Key is used to Decrypt. The Private Key can also be used in digital signing operations where the recipient can use the corresponding […]