Given the media hype around the Conficker worm (and now Gumblar), and the constant barrage of alarming disclosure announcements, I thought it would be a good time to take a calmer look at some of the security myths, misconceptions and mistruths that plague the industry.
Many of these cyber security myths have been around for close to a decade. They have driven marketing campaigns and have sold a lot of traditional newspapers. But for the most part these threats have proven much less dangerous than ballyhooed. Worse, they distract us from addressing the routine problems that lead to a more secure global IT environment. Until we can address every day vulnerabilities threats, how can we justify focusing on exotic edge cases? Continue reading
As we end the year we have the last of the IEE’s (Internet Ending Events) in 2008 as Alex Sotirov (here) and Jacob Appelbaum (here) provide details as part of their presentation “Making the Theoretical Possible” at the 25c3 – 25th Chaos Communication Congress (here), for those not able to attend the conference in Berlin there will be streaming video (here), of course if the Internet is dead you will need to contact the 25c3 conference organizers and request a VHS be sent via snail mail.
More thoughts from others around the blogosphere (here), (here), (here), and (here). I am sure there will be plenty of updates and analysis once the details are disclosed until then happy surfing and don’t forget that in cyberspace every one can read your screams….