Author:
Viega, John.
Edition Statement:1st ed.
Imprint:Beijing [China] ; Cambridge : O'Reilly, c2009.
Descriptionxix, 238 p. : ill. ; 22 cm.
Note:The security industry is broken -- Security : nobody cares! -- It's easier to get "owned" than you think -- It's good to be bad -- Test of a good security product : would I use it? -- Why Microsoft's free AV won't matter -- Google is evil -- Why most AV doesn't work (well) -- Why AV is often slow -- Four minutes to infection? -- Personal firewall problems -- Call it "antivirus" -- Why most people shouldn't run intrusion prevention systems -- Problems with host intrusion prevention -- Plenty of phish in the sea -- The cult of Schneier -- Helping others stay safe on the Internet -- Snake oil : legitimate vendors sell it, too -- Living in fear? -- Is Apple really more secure? -- OK, your mobile phone is insecure; should you care? -- Do AV vendors write their own viruses? -- One simple fix for the AV industry -- Open source security : a red herring -- Why SiteAdvisor was such a good idea -- Is there anything we can do about identity theft? -- Virtualization : host security's silver bullet? -- When will we get rid of all the security vulnerabilities? -- Application security on a budget -- "Responsible disclosure" isn't responsible -- Are man-in-the-middle attacks a myth? -- An attack on PKI -- HTTPS sucks : let's kill it! -- CrAP-TCHA and the usability/security tradeoff -- No death for the password -- Spam is dead -- Improving authentication -- Cloud insecurity? -- What AV companies should be doing (AV 2.0) -- VPNs usually decrease security -- Usability and security -- Privacy -- Anonymity -- Improving patch management -- An open security industry -- Academics -- Locksmithing -- Critical infrastructure.
Bibliography Note:Includes bibliographical references and index.