| |
| |
| Foreword | |
| |
| |
| Preface | |
| |
| |
| |
| The Security Industry Is Broken | |
| |
| |
| |
| Security: Nobody Cares! | |
| |
| |
| |
| It's Easier to Get "Owned" Than You Think | |
| |
| |
| |
| It's Good to Be Bad | |
| |
| |
| |
| Test of a Good Security Product: Would I Use It? | |
| |
| |
| |
| Why Microsoft's Free AV Won't Matter | |
| |
| |
| |
| Google Is Evil | |
| |
| |
| |
| Why Most AV Doesn't Work (Well) | |
| |
| |
| |
| Why AV Is Often Slow | |
| |
| |
| |
| Four Minutes to Infection? | |
| |
| |
| |
| Personal Firewall Problems | |
| |
| |
| |
| Call It "Antivirus" | |
| |
| |
| |
| Why Most People Shouldn't Run Intrusion Prevention Systems | |
| |
| |
| |
| Problems with Host Intrusion Prevention | |
| |
| |
| |
| Plenty of Phish in the Sea | |
| |
| |
| |
| The Cult of Schneier | |
| |
| |
| |
| Helping Others Stay Safe on the Internet | |
| |
| |
| |
| Snake Oil: Legitimate Vendors Sell It, Too | |
| |
| |
| |
| Living in Fear? | |
| |
| |
| |
| Is Apple Really More Secure? | |
| |
| |
| |
| Ok, Your Mobile Phone Is Insecure; Should You Care? | |
| |
| |
| |
| Do AV Vendors Write Their Own Viruses? | |
| |
| |
| |
| One Simple Fix for the AV Industry | |
| |
| |
| |
| Open Source Security: A Red Herring | |
| |
| |
| |
| Why SiteAdvisor Was Such a Good Idea | |
| |
| |
| |
| Is There Anything We Can Do About Identity Theft? | |
| |
| |
| |
| Virtualization: Host Security's Silver Bullet? | |
| |
| |
| |
| When Will We Get Rid of All the Security Vulnerabilities? | |
| |
| |
| |
| Application Security on a Budget | |
| |
| |
| |
| "Responsible Disclosure" Isn't Responsible | |
| |
| |
| |
| Are Man-in-the-Middle Attacks a Myth? | |
| |
| |
| |
| An Attack on PKI | |
| |
| |
| |
| HTTPS Sucks; Let's Kill It! | |
| |
| |
| |
| CrAP-TCHA and the Usability/Security Tradeoff | |
| |
| |
| |
| No Death for the Password | |
| |
| |
| |
| Spam Is Dead | |
| |
| |
| |
| Improving Authentication | |
| |
| |
| |
| Cloud Insecurity? | |
| |
| |
| |
| What AV Companies Should Be Doing (AV 2.0) | |
| |
| |
| |
| VPNs Usually Decrease Security | |
| |
| |
| |
| Usability and Security | |
| |
| |
| |
| Privacy | |
| |
| |
| |
| Anonymity | |
| |
| |
| |
| Improving Patch Management | |
| |
| |
| |
| An Open Security Industry | |
| |
| |
| |
| Academics | |
| |
| |
| |
| Locksmithing | |
| |
| |
| |
| Critical Infrastructure | |
| |
| |
| Epilogue | |
| |
| |
| Index | |