Is there an after one seems to wonder? Although the major hardware vendors have shipped fixes or new chips closing these vulnerabilities, new findings seem to appear every so often. One also wonders how the hardware vendors closed these vulnerabilities as some cases required a major architectural change, which could only be accomplished with new … More After Spectre and Meltdown – what now?
In this linked article where an NSA employee gives advice on how to keep your systems secure, it should become crystal clear that you have to keep your security patching up-to-date. According to the quotes in the article even security vulnerabilities that existed only for hours on a system can be exploited by adversaries. So … More How to keep your systems secure? – Always implement the latest security patch as soon as possible
You have a system that has long been out of maintenance. Although you might have implemented up to latest available patch and everything’s running smoothly, there is no beating around the bush: Your system is insecure. The software vendors as well as security researchers will have found security vulnerabilities that are getting fixed in higher releases, … More Your system or application is definitely insecure, if…
When I studied at University one of my professors would always say, that we have to get a feel for trouble to succeed in life. (In German: “Sie müssen immer Störgefühle bekommen”.) Others would call it follow your intuition or get a hunch, but whatever you want to name it, one of the most prominent … More Social Engineering is alive and kicking
When I studied Economics in the 90ies, Gary S Becker received the Nobel Price for his extension of the microeconomic analysis to include human behavior and social aspects including marriage, discrimination and for example having sex with your spouse. That raised a few eye-browse back then. Nowadays I am wondering when an economist will publish … More The economics of selling security vulnerabilities – or there is a market for everything