Honest Security

  • When was the last time the security team gave you personalized advice?
  • When was the last time the security team or even IT team asked for your permission before they made a change to your laptop?
  • When was the last time the security team asked you for your thoughts on security risks you see in your daily workflow?
  • Can you recall that time where they asked you how upcoming security changes to your device would impact your daily workflow?

Good questions, read more at:

Sou

Source: Honest Security

Kommentar zu Log4j: Es funktioniert wie spezifiziert | heise online

Ja so ist Java (JNDI/RMI/….):

Man muss sich das wie einen Dreijährigen vorstellen, der sich jede Klasse in den Mund steckt, um herauszufinden, wie sie schmeckt und ob sie sich ausführen lässt.

 

Leider war:

Ganz besonders nicht dynamisch aus dem Internet nachgeladener Code.

Quelle: Kommentar zu Log4j: Es funktioniert wie spezifiziert | heise online

Security Checklist

This security checklist should be mandatory for anyone who is using a computer or mobile device. It is an open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go.

Quelle: Security Checklist