paulus
Homepage: http://www.jejaklangkah.net/blog
Posts by paulus
2008 Data Breach Investigation Report
Aug 26th
Verizon Business Security Services (formerly Cybertrust) recently released the 2008 Data Breach Investigation Report. This report is based on 500 forensic cases handled by Verizon from 2004-2007, which were then analyzed, compiled, and published as an overview of how the data breaches actually occurred.
Some interesting findings from the report are as follows:
- 87% of the security breaches could have been avoided with basic security measures
- Two-thirds of the cases involved data that the organization did not know was present on the system
- 39% of the breaches involved business partners
Verizon Business has released a white paper about the report here.
Now, what is interesting about the report is the fact that, while information security as a discipline has come a long way, the real world doesn't seem to move forward. I mean, attack methodologies have evolved a long way, from a simple buffer overflow in code to the latest DNS insecurity flaw, from platforms to applications, from macro viruses to phishing, but the real deal is still the same: basic security measures have not been applied. Most of the attacks still involve known vulnerabilities that have been published and for which patches have been available for months, but still they are exploited, and breaches occur. How does that happen?
Apparently, with all the new technologies the industry has provided, there hasn't been a significant change in the way people approach security. People are still chasing the ghost, spending millions and millions on information security year after year, and the bad guys still manage to come in through the same doors. So what, are we doing things wrong?
Maybe we're not doing things wrong, we're just putting our efforts in the wrong place. Maybe we're so busy chasing the new buzz every day, worrying about new methods, new vulnerabilities, new security products, that we forget to do the basics: default deny, least privilege, and essential services.
And if we look back, isn't all that security hype actually just that? Default deny? Least privilege? Essential services?
Email Archiving with MailArchiva
Aug 13th
A while ago my boss was asking about the e-mail archive from a few months back. I checked the mail server: no archive. So he asked me to set up mail archiving on the office mail server. Since the office mail server runs Ubuntu, the solution was a free mail archive. It is actually (probably) possible to store all incoming and outgoing e-mail with postfix, the mail server I use, but since I felt like tinkering, I looked for a separate solution. After browsing here and there, I arrived at MailArchiva. There are two versions, the enterprise edition and the open-source edition. Since I don't want to pay, I went with the free one. So I downloaded the MailArchiva open-source edition.
Weighing Change
Aug 13th
The only thing about change that never changes is that it always changes
There are times in life when change becomes unavoidable. Whether it is career, family, or personal life, at some point we are faced with a choice: stay with the status quo or change along with it.
Scientist closer to invisibility cloak
Aug 11th
Now if this one is mass-produced, Harry Potter will need a rewrite. There's no longer magic in the invisibility cloak.
Scientists say they are a step closer to developing materials that could render people and objects invisible. Researchers have demonstrated for the first time that they were able to cloak three-dimensional objects using artificially engineered materials that redirect light around the objects. Previously, they only have been able to cloak very thin two-dimensional objects.
Full story here
Battlestar Galactica
Aug 10th
While some of my favorite series are waiting for new episodes to be aired (or resumed), I need to watch something. A friend of mine, Chuck, has been recommending this Battlestar Galactica for a while now, so I figured I'd download it and start watching. So here goes.
Ok, first of all, it's old. This series has been around for a while (it started in 1978, then came the 2003 miniseries reimagining the 1978 original series, which continued as a TV series from 2004), and it's still ongoing, but hey, good series are always enjoyable. By the way, this post is about the 2003 miniseries continued with the 2004 TV series (now in season 4). I don't know about the original series.
Battlestar Galactica is a science-fiction TV series about what is left of the human race fighting for survival after almost being destroyed by the Cylons. The Cylons were created by humans to make human life easier, but then the Cylons turned against their creators and started a war to destroy the human race. The first war (which is not told in the series, by the way) ends with an agreement under which the Cylons leave humans to build a world of their own. 40 years pass and no one ever hears from the Cylons again, when suddenly they come back and attempt to destroy the Twelve Colonies of man. The war ends bitterly on the human side: the twelve colonies are destroyed. One battlestar, Galactica, however, was away during the attack, and together with a surviving civilian fleet, it starts a long journey, running away from the Cylons, in search of Earth, the place where, according to the scriptures, the thirteenth colony of humans resides.