IT Security

Selena Frye

TechRepublic Staff

Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and IT Security blogs.
  • 4

    Security news roundup: New vulnerability affects Firefox 3

    This week's security roundup includes a new vulnerability discovered in Firefox, Microsoft admitting to a mistake with a recent Bluetooth patch, the lack of any progress at cracking the Gpcode.ak...

    Posted by Paul Mah | June 23, 2008, 2:39 AM PDT | Latest comment by Neon Samurai

  • 63

    AV industry sucks, says CEO of leading antivirus firm

    The chief executive of leading antivirus firm Trend Micro has thrown down the gauntlet by declaring that the antivirus industry "sucks."

    Posted by Paul Mah | June 22, 2008, 9:21 PM PDT | Latest comment by seanferd

  • 29

    Vulnerability counting revisited: a hypothetical example

    Vulnerability counting is, in many cases, worse than useless as a means of quantifying the security of the software. I've made this point before, but this article tries a different approach to...

    Posted by Chad Perrin | June 19, 2008, 12:12 PM PDT | Latest comment by apotheon

  • 194

    Is Linux the most secure OS?

    Linux-based systems get a lot of press in IT trade publications. A lot of that press relates to its security characteristics. In fact, some claim "Linux is the most secure operating system (OS)...

    Posted by Chad Perrin | June 17, 2008, 5:07 PM PDT | Latest comment by Jaqui

  • 11

    Craft your own Internet usage policy with this sample

    Mike Mullins provides a general guideline for Internet and intranet usage in your organization and encourages you to educate users by distributing a formal Internet usage policy.

    Posted by Mike Mullins | June 17, 2008, 7:24 AM PDT | Latest comment by Pete6677

  • 10

    New way to protect networks from worms, Kaspersky cracking down on 'blackmailer' virus

    New scientific research claims to have found a method for early detection of the most destructive Internet worms as Kaspersky Lab gets to work on the "blackmailer" virus.

    Posted by Selena Frye | June 11, 2008, 9:45 AM PDT | Latest comment by Wunderbarb

  • 6

    What do you do if management won't get on board?

    Sometimes, no matter how hard you try, you can't get management on board. When management refuses to see reason, and security is treated as the unwanted stepchild of business priorities, you can...

    Posted by Chad Perrin | June 10, 2008, 1:22 PM PDT | Latest comment by nwoodson@...

  • 5

    Security news roundup: Nuclear power plant shutdown attributed to a single computer

    Here's a collection of recent security vulnerabilities, alerts, and news, covering a new version of VLC media player, an unpatched Sun Solaris network library vulnerability, an update from VMware,...

    Posted by Paul Mah | June 9, 2008, 11:59 PM PDT | Latest comment by harold@...

  • 22

    How should we handle security notifications?

    A team of researchers at Carnegie-Mellon University studied the statistical relationship between rates of identity fraud and laws that require customers to be notified when there's been a security...

    Posted by Chad Perrin | June 6, 2008, 11:19 AM PDT | Latest comment by therealbeadweaver2002@...

  • 6

    Why you can't get management on board

    Chad Perrin breaks down the psychology of upper managers who are willing to take a gamble on security by refusing to allocate the funds needed to implement a strong security policy. What do you...

    Posted by Chad Perrin | June 5, 2008, 12:52 PM PDT | Latest comment by nacht@...

  • 182

    Security alarmism helps the bad guys win

    Chad Perrin examines what passes for security in the "post-9/11 world" and finds it lacking, particularly as it affects users and cybercrime. Instead of security awareness, he sees security...

    Posted by Chad Perrin | May 30, 2008, 5:37 AM PDT | Latest comment by JCitizen

  • 14

    Is PhoneFactor really better security?

    Chad Perrin explores the security solution, PhoneFactor, which favors a two-factor authentication process for accessing your online banking account. Is the extra inconvenience worth it for the...

    Posted by Chad Perrin | May 28, 2008, 10:50 AM PDT | Latest comment by YZFDude1@...

  • 27

    Making encryption popular

    We've already discussed the importance of being encrypted. Now it's time to discuss the very real problem of encryption system adoption. How do we get people to actually use encryption?

    Posted by Chad Perrin | May 26, 2008, 1:16 PM PDT | Latest comment by fotoflo@...

  • 2

    Close to half of government laptops encrypted, 1.2 million more to go

    Over 800,000 licenses for encryption software were purchased through the Data at Rest (DAR) Encryption program last year. The DAR program is run jointly by the General Services Administration...

    Posted by Paul Mah | May 25, 2008, 9:34 PM PDT | Latest comment by john.hamilton@...

  • 11

    Not Invented Here has no place in open source development

    Last week, many Debian users got something of a shock when they realized that encryption keys for OpenSSH, OpenSSL, and OpenVPN have all been vulnerable to relatively easy compromise for a while....

    Posted by Chad Perrin | May 22, 2008, 3:42 PM PDT | Latest comment by apotheon

  • 5

    Detect and replace vulnerable SSH keys on Debian

    As many of my readers no doubt already know, Debian GNU/Linux recently had some cryptographic vulnerability problems. By far, the most common effect of this on users of Debian will be the...

    Posted by Chad Perrin | May 20, 2008, 11:49 AM PDT | Latest comment by apotheon

  • 36

    The "insecure memory" FAQ

    The problem of "insecure memory" is little-known and pervasive. Read on to find out what "insecure memory" means, and how it affects you. I even intentionally changed settings on a (secured)...

    Posted by Chad Perrin | May 14, 2008, 1:03 PM PDT | Latest comment by JCitizen

  • 14

    Has security grown beyond DIY?

    On Friday, I discussed Joshua Corman's contention that "there is no perimeter," and my take on the phrase. That was only one of seven "dirty secrets" of the security industry he mentioned at...

    Posted by Chad Perrin | May 12, 2008, 9:39 AM PDT | Latest comment by marketingtutor.

  • 11

    There is no perimeter, kinda

    At Interop Las Vegas, IBM/ISS security strategist Joshua Corman explained seven "dirty secrets" of the security industry. One of his points was the newly common refrain, "There is no perimeter."...

    Posted by Chad Perrin | May 9, 2008, 2:31 PM PDT | Latest comment by Jaqui

  • 20

    Underground marketplace sells your personal data for a hefty profit

    Always been skeptical of those astronomically high monetary figures quoted by the media in cases of information theft or unintended disclosures? Same here. The discover of by McAfee security...

    Posted by Paul Mah | May 9, 2008, 4:02 AM PDT | Latest comment by mlunney1@...

  • 2

    List open ports and listening services

    You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

    Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard

  • 103

    DropSmack: Using Dropbox to steal files and deliver malware

    Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

    Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

  • 151

    Hackers: From innocent curiosity to illegal activity

    Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

    Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...

  • 36

    Cloud-service contracts and data protection: Unintended consequences

    There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

    Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner

  • 36

    Battling the Google Redirect virus

    Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

    Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344

  • 36

    Understanding what motivates Chinese hackers

    Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

    Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000

  • 15

    BoxCryptor vs. DropSmack: The battle to secure Dropbox

    Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

    Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner

  • 63

    How to spoof a MAC address

    MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

    Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale

  • 3

    Running the gauntlet: Tips for achieving your CISSP

    One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

    Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen

  • 10

    The basics of using a proxy server for privacy and security

    Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

    Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson

  • 0

    DDoS attack methods and how to prevent or mitigate them

    Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent, or at least mitigate, these types of events.

    Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT

  • 21

    Software-Defined Networking: How it affects network security

    SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

    Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner

  • 64

    Dropbox: Convenient? Absolutely, but is it secure?

    A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

    Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...

  • 67

    Use PuTTY as a secure proxy on Windows

    Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

    Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa

  • 5

    The future of IT security compliance: 201 CMR 17.00

    Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

    Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...

  • 101

    Hacker vs. cracker

    The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

    Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet

  • 9

    New McAfee patent hints at a more walled-off online world

    A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

    Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain

  • 74

    10 services to turn off in MS Windows XP

    As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

    Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008

  • 89

    The FBI locked your computer? Watch out for new spins on ransomware

    The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

    Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen

  • 11

    The CIA Triad

    The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...

    Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house