Training People on Threat Modeling
Adam Shostack here. Blogger Ian Grigg has an interesting response to my threat modeling blog series, and I wanted to respond to it.
Is it safe to install ActiveX controls on my computer?
A lot of you have recently asked us about ActiveX controls. Here’s an example of a message you might have seen: What are ActiveX controls? ActiveX controls are small programs, sometimes also called “add-ons,” used on the Internet.
STRIDE chart
There are good reasons to optimize for different points on that spectrum (of better/faster/cheaper) at different times in different products.
What is a cookie?
Cookies are small files that Web sites put on your computer hard disk drive when you first visit. Think of a cookie as an identification card that’s uniquely yours. Its job is to notify the site when you’ve returned. Cookies should not be confused with viruses.
Common Objections – Comparing Linux Distros with Windows
Once again, my effort to explore common misperceptions (more recently exploring unpatched statistics) has brought out some of the common objections from those that don’t necessarily like the results.
Washington Post – A Time to Patch III: Apple
You’ve probably already read Brian Krebs article A Time to Patch III: Apple, but if you haven’t, I encourage you to read it and read the various responses he received – the responses run the gamut of Linux advocates (“You do understand that Mac OS X is not a version of Linux, and is not