Hangout for experimental confirmation and demonstration of software, computing, and networking. The exercises don't always work out. The professor is a bumbler and the laboratory assistant is a skanky dufus.

Recent Items
 
Open-Source License Simplification (and Trust?)
 
Identity, Authentication, and Attestation Together
 
Collaborative Systems: Social Protocols
 
Secure Computer Infrastructure as a Journey
 
Component-Based Software Engineering Projects
 
TROST: Templates for Raising Open-System Trustworthiness
 
Blackbelted That!
 
Blackbelt this!
 
EDOS Integrates Open-Source Software
 
Tech Challenges I Want to See

Archives
2004-06-13
2004-06-20
2004-06-27
2004-08-29
2004-09-05
2004-09-12
2004-09-19
2004-10-10
2004-10-24
2004-11-07
2004-11-28
2004-12-05
2004-12-12
2004-12-26
2005-01-30
2005-02-06
2005-03-06

CVSS: Common Vulnerability Scoring System

ACM News Service: Computer Vulnerabilities Given Unified Rating Systems.  The consortium-produced CVSS is being promoted for giving a consistent means for rating vulnerabilities based on the nature of the damage that an exploit can create: data theft, data corruption and alteration, denial of service, etc., covering a total of seven traits.  This seems like something to keep in mind with regard to carrying out threat modeling too.

Celeste Biever's 2005-02-21 NewScientist.com article provides further details and links.  The CVSS report is available at the National Infrastructure Advisory Council link.

posted by orcmid at 3/12/2005 12:01:00 AM, rating data by NewsGator Online