Tuesday, December 28, 2010

Does Cisco really eat its own IPv6 dog food?

While the article written by Carolyn Duffy Marsan for NetworkWorld is entitled "Cisco eats its own IPv6 dog food", this excerpt does not really indicate that Cisco is really eating its own dogfood:

Cisco confirmed Tuesday that on Aug. 23 it began testing IPv6 on an alternative Web site -- www.ipv6.cisco.com -- instead of its main Web site, which is www.cisco.com. Cisco said it is maintaining a dual IPv6 and IPv4 approach for its external Web presence so that all of its customers can access the Web site reliably.
 Full article here.

Pentagon pressuring suppliers to use IPv6 products they sell on their own networks, Web sites

This article by Carolyn Duffy Marsan appeared on NetworkWorld:

U.S. military strong-arming IT industry on IPv6
Pentagon pressuring suppliers to use IPv6 products they sell on their own networks, Web sites

The U.S. military is ratcheting up the pressure on its network suppliers to deploy IPv6 on their own networks and Web sites so they can gain operational experience and fix bugs in the products they are selling that support the next-generation Internet protocol.

For years, the Defense Department in public forums and private conversations has been pushing network hardware and software companies to use their own IPv6 products, a practice known as "eating your own dog food" in tech industry parlance
.
The rest of the article is here.

Monday, December 27, 2010

Understanding scam victims: seven principles for systems security

I've just read the Technical report entitled "Understanding scam victims: seven principles for systems security" authored by Frank Stajano and Paul Wilson, about the exploitation of the "human factor" in security systems. Interesting reading. The Abstract of the technical report is:
The success of many attacks on computer systems can be traced back to the security engineers not understanding the psychology of the system users they meant to protect. We examine a variety of scams and “short cons” that were investigated, documented and recreated for the BBC TV programme The Real Hustle and we extract from them some general principles about the recurring behavioural patterns of victims that hustlers have learnt to exploit.
We argue that an understanding of these inherent “human factors” vulnerabilities, and the necessity to take them into account during design rather than na├»vely shifting the blame onto the “gullible users”, is a fundamental paradigm shift for the security engineer which, if adopted, will lead to stronger and more resilient systems security.