| |
| |
Foreword | |
| |
| |
Preface | |
| |
| |
| |
The Security Industry Is Broken | |
| |
| |
| |
Security: Nobody Cares! | |
| |
| |
| |
It's Easier to Get "Owned" Than You Think | |
| |
| |
| |
It's Good to Be Bad | |
| |
| |
| |
Test of a Good Security Product: Would I Use It? | |
| |
| |
| |
Why Microsoft's Free AV Won't Matter | |
| |
| |
| |
Google Is Evil | |
| |
| |
| |
Why Most AV Doesn't Work (Well) | |
| |
| |
| |
Why AV Is Often Slow | |
| |
| |
| |
Four Minutes to Infection? | |
| |
| |
| |
Personal Firewall Problems | |
| |
| |
| |
Call It "Antivirus" | |
| |
| |
| |
Why Most People Shouldn't Run Intrusion Prevention Systems | |
| |
| |
| |
Problems with Host Intrusion Prevention | |
| |
| |
| |
Plenty of Phish in the Sea | |
| |
| |
| |
The Cult of Schneier | |
| |
| |
| |
Helping Others Stay Safe on the Internet | |
| |
| |
| |
Snake Oil: Legitimate Vendors Sell It, Too | |
| |
| |
| |
Living in Fear? | |
| |
| |
| |
Is Apple Really More Secure? | |
| |
| |
| |
Ok, Your Mobile Phone Is Insecure; Should You Care? | |
| |
| |
| |
Do AV Vendors Write Their Own Viruses? | |
| |
| |
| |
One Simple Fix for the AV Industry | |
| |
| |
| |
Open Source Security: A Red Herring | |
| |
| |
| |
Why SiteAdvisor Was Such a Good Idea | |
| |
| |
| |
Is There Anything We Can Do About Identity Theft? | |
| |
| |
| |
Virtualization: Host Security's Silver Bullet? | |
| |
| |
| |
When Will We Get Rid of All the Security Vulnerabilities? | |
| |
| |
| |
Application Security on a Budget | |
| |
| |
| |
"Responsible Disclosure" Isn't Responsible | |
| |
| |
| |
Are Man-in-the-Middle Attacks a Myth? | |
| |
| |
| |
An Attack on PKI | |
| |
| |
| |
HTTPS Sucks; Let's Kill It! | |
| |
| |
| |
CrAP-TCHA and the Usability/Security Tradeoff | |
| |
| |
| |
No Death for the Password | |
| |
| |
| |
Spam Is Dead | |
| |
| |
| |
Improving Authentication | |
| |
| |
| |
Cloud Insecurity? | |
| |
| |
| |
What AV Companies Should Be Doing (AV 2.0) | |
| |
| |
| |
VPNs Usually Decrease Security | |
| |
| |
| |
Usability and Security | |
| |
| |
| |
Privacy | |
| |
| |
| |
Anonymity | |
| |
| |
| |
Improving Patch Management | |
| |
| |
| |
An Open Security Industry | |
| |
| |
| |
Academics | |
| |
| |
| |
Locksmithing | |
| |
| |
| |
Critical Infrastructure | |
| |
| |
Epilogue | |
| |
| |
Index | |