Archive for the ‘eEye’ Category

Great interview: Security Now and eEye’s Marc Maiffret

June 12, 2007

An excellent Security Now podcast (#91) with one of the original hackers.eEye logo
http://www.grc.com/securitynow.htm

Great insight into network security – Such as:

  1. Most vulnerabilities in a computer are non-Microsoft, they are vulnerabilities within iTunes, Adobe, QuckTime, Flash, etc..
  2. Hackers are finding vulnerabilities in non-Microsoft application just as fast as they are finding Microsoft vulnerabilities. The big difference is that other software vendors do not have regular patches like Microsoft.
  3. Microsoft has the best practice around security than any other software company- because they were forced to.  Other vendors have not been forced to and that is why they are more vulnerable.
  4. As more functionality is added to browsers, their attack surface increases and they become bigger targets.
  5. As more appliations become hosted it becomes harder for “white” hat hackers and researchers to search for vulnerabilities b/c it becomes illegal at that point while black hat hackers have no such quams.
  6. If hosting servers become compromised, a hacker can have access to millions of people’s information instead of just one.
  7. Windows is actually more secure than Macs
  8. Don’t buy Vista for the security features- it has vulnerabilities as well

Posted in eEye | Leave a Comment »