From Schneier on Security…
Schneier reflects on last week’s DNS vulnerability fiasco, saying “The real lesson is that the patch treadmill doesn’t work, and it hasn’t for years. This cycle of finding security holes and rushing to patch them before the bad guys exploit those vulnerabilities is expensive, inefficient and incomplete.”
From Security Fix…
Apple Patches DNS Flaw and 16 Other Holes
Meanwhile, the Washington Post’s Brian Krebs jumps into the fray, reporting that Apple has addressed its vulnerabilities – hopefully quieting the criticism of its earlier lack of response.
From Endpoint Security Info…
US Federal Agencies Welcome Data Theft
ESI investigates a report that shines a spotlight on the poor security practices in action in U.S. federal departments. The report’s key learning is that no technology deployment by itself can overcome employee misunderstanding and noncompliance.
