Weekend Reading

Few articles to read...

1. Why Less Emphasis on Software Security? - Author of the article raised a valid concern on reluctant of many security expert and software house to focus on making a secure software. Except Microsoft (via Bill Gates's Memo in 2004 that stresses on making software trustworthy), others are more focusing on bugs and errors after released. TPM introduce by TCG (Trust Computing Group) is nothing but just a defense mechanism after produce released and ONLY limited to hashing of hardware and software without knowing what is the things it is hashing. Anyway, this is my opinion. Please read a simple yet important article at InfoSec Island by Keith Mendoza.



2. Encryption Key Management Primer - Requirements 3.6 - In this article, PCI Guru, is sharing his thought on the wrong perception of many of us including speculation by the quantum group that encryption key has expiration date. Read the full article here.
   



3. Remote Attack Code for Symantec's pcAnywhere in the Wild - Author of the article sharing stories on Symantec software that was released to public which allowed attackers to use and exploit user whom uses Symantec's pcAnywhere tool. Read the full article here.