Bypassing User Activation Controls
My last blog about User Activation Controls suggested that they were of little help, even when they work. After all, user data (your documents, spreadsheets and such) are the most valuable things you have. Now, we’ll just trash UAC by bypassing it. We’ll do this by relying on a flaw: Microsoft loves itself. Remember, UAC […]
User Account Controls and False Security
It’s true that our friends at Microsoft have come a long way toward implementing good security. No, really. Adobe and Oracle/Java have become the big targets of cyberthieves. MS operating systems no longer regularly cause the Blue Screen of Death. And, ta-da, we have User Activation Controls to protect us. UAC, as it is called, […]
This Java Threat Is Really Confusing
For several months, there were rumblings in the hacker underground about some serious threats to Java and Apple’s OS X. ComputerWorld reported in late February 2012 that a new variant of an exploit called Flashback was making its rounds of Macs by using the browser and Java to get in. CNN followed by reporting that […]
What Is Computer Security?
What is “computer security”? When Adrian Bryan and I set out to write our Introduction to System and Network Security course for Learning Tree some years ago, we needed to start with a definition. It served as a sort of goal or guiding light in writing the course materials. The definition is from Simson Garfinkel […]