[cap-talk] how to advertise caps?
lists at notatla.org.uk
lists at notatla.org.uk
Tue Jun 24 16:03:55 CDT 2008
ross mcginnis <ross_mcginnis at hotmail.com> wrote:
> A couple of weeks ago was "National e-Security
> Awareness" week here in Australia. I wrote an entry
> to a forum site which has made this the topic of the month: ...
> Since I'm only an amateur at writing and only a hobbyist with
> computers, I'm wondering how to improve such an article?
Did you read a few articles on that site before submitting yours?
I think you could have taken that as a hint at the kind of level
they expect.
I mentioned in April that I was introducing a capability scheme
involving randomly-generated URLs. It's for the selection and
presentation of security data that I gather and organise.
Last week I taught this to one of the SA groups and got this response.
> Many thanks for today's excellent course.
>
> The comments from the folks who attended are very good and very positive
> and the opportunity to discover more about {SYSTEMNAME} and provide
> feedback was very welcome.
And I sent this to someone in charge of security training at my company.
> If someone really wants to sort out the appalling security problems of the
> IT world they need to start somewhere like this:
> http://www.schneier.com/book-sandl.html
> http://www.cs.berkeley.edu/~daw/talks/TRUST07.pdf
> http://en.wikipedia.org/wiki/Capability-based_security
> http://www.combex.com/tech/edesk.html
> http://cups.cs.cmu.edu/soups/2005/2005posters/9-yee.pdf
> http://wiki.laptop.org/go/OLPC_Bitfrost#Foreword
> http://www.ranum.com/security/computer_security/index.html
> http://radian.org/~krstic/talks/2007/auscert/slides.pdf
> http://www.cl.cam.ac.uk/~rja14/Papers/econ.pdf
>
> or short of that maybe these books can help.
> http://www.cl.cam.ac.uk/~rja14/book.html
> http://www.amazon.com/Building-Secure-Software-Addison-Wesley-Professional/dp/020172152X
>
> Sometimes it's right to train the user and sometimes it's better to take
> the choice out of their hands.
More information about the cap-talk
mailing list