For the better half of the last weekend, I was forced to listen to how Harbhajan slapped Sreesanth and how Sreesanth cried on the field. In fact, anyone who made the mistake of flipping through a news channel felt that the slap was in front of them, and not on the field. And now, since yesterday, news channels have started discussing the ban imposed on Harbhajan and how it coincided with the sacking of the infamous Mr Gill. Considering the ban on Harbhajan is going to last for the next few days on TV, it looks like I will be back to studying walrus mating habits on Animal Planet.
Archive for April, 2008
PCI SSC has finally released “Information Supplement: Payment Card Industry Data Security Standard (PCI DSS) Requirement 6.6 Code Reviews and Application Firewalls”, which should clear the air on how much application security is really required for PCI DSS compliance. I have often had long discussions on the intent of requirement 6.6, and to me it was always clear that Section 6.6 wanted application owners to be cautious against web-based attacks rather than just do web-application security testing.
The supplement is a must-read and can be downloaded from here.
While going through masses of web pages every day, I found some essential reading for anyone and everyone who uses Windows. I personally don’t use Windows unless I am compelled to, such as at work. It’s been about 4 years since I moved on to addictive Ubuntu and good-looking OS X. Anyhow, here are the links:
- 21 Useful applications for Windows
- 156 Useful Run Commands - Although it can never replace Spotlight on the Mac, knowing a few run commands can save you many boring clicks. And I don’t like Launchy, before you ask me to have a look at it.
- Strip your Windows XP of redundant makeup
As if the appointment of Rod Beckström as director of the National Cyber Security Center (NCSC) was not foolish enough, the Bush administration couldn’t help tolerating Mr Chertoff’s ideas of privacy. In a public appearance in Canada, he attempted to explain how fingerprints are not his idea of personally identifiable information (personal data). What people, especially those who handle security, must understand is that personal data cannot be described by confidentiality alone.
What most people do not understand is the difference between personally identifiable information and confidential information, or, as Schneier puts it, ‘the difference between personal data and secret data’. To put it simply, personally identifiable information (PII) refers to any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains. It has little to do with the confidentiality of the information on its own. Postal codes/zip codes and fingerprints are a few such examples of less-confidential personal data.
