Security Adviser | Roger A. Grimes

Are you ready for the big one?

Roger A. Grimes — 2009-04-03T03:00:00-08:00

In the age of the Internet, good security means never taking availability for granted READ MORE

The curious case of the invulnerable Web browser

Roger A. Grimes — 2009-03-27T03:00:00-08:00

Even if every Internet browser were vulnerability-free, it wouldn't stop malicious hackers and malware READ MORE

Countering the computer spies

Roger A. Grimes — 2009-03-20T03:00:00-08:00

Recent computer espionage cases reveal seemingly countless ways to steal data. You can take a few simple steps to fight back READ MORE

Let your worst fears be your guide

Roger A. Grimes — 2009-03-13T03:00:00-08:00

Your computer security defense should be built with the assumption that all attackers are trusted, highly privileged insiders acting within the system READ MORE

DJBDNS security vulnerability found

Roger A. Grimes — 2009-03-06T05:09:54-08:00

It is still a great testament to D.J. Bernstein that this is only the first bug, a moderate one at that, found in all of his software. Security and the Net Mar. 05, 2009 Last week, Matthew Dempsky posted an attack against Dan Bernstein's djbdns software. Djbdns is one of several alternatives to the popular BIND name server, and is backed by a unique security guarantee that offers $1000 to the first person to publicly report a verifiable security hole in djbdns. The problem found by Dempsky allows an attacker to poison DNS records: The security hole here is that... READ MORE

TCG sets the drive encryption standard

Roger A. Grimes — 2009-03-06T03:00:27-08:00

Trusted Computing Group's Opal spec for interoperable, self-encrypting drives isn't complete, but it's a great start READ MORE

This Internet fix is no pipe dream

Roger A. Grimes — 2009-02-27T03:00:00-08:00

A simpler, more modest proposal for securing the Internet taps existing standards for Web services, security, identity, and authentication READ MORE

Starting from scratch is the only malware cure

Roger A. Grimes — 2009-02-20T03:00:00-08:00

If you discover malware on your system, don't mess around. Back up your data, format your hard drive, and begin again READ MORE

Perfectly secure software

Roger A. Grimes — 2009-02-13T03:00:00-08:00

Software will be free of vulnerabilities when pigs fly -- or as soon as customers value security over cool new features READ MORE

Are all browser plug-ins a security risk?

Roger A. Grimes — 2009-02-06T03:00:00-08:00

Giorgio Maone of Firefox's NoScript challenges my sweeping statements about add-ons READ MORE

Browser security wars

Roger A. Grimes — 2009-01-30T03:00:00-08:00

Looking for a magic bullet against malware? You won't find it in a browser. Roger A. Grimes tested all the major browsers (and some that aren't so major) and found that the browsers are probably safer than your computing practices are READ MORE

Fighting malware: An interview with Paul Ferguson

Roger A. Grimes — 2009-01-23T03:00:00-08:00

Paul Ferguson has been fighting malware since the days of the earliest attacks. In this InfoWorld interview, Roger Grimes talks with his longtime colleague about the state of current threats and what they future of malware may hold READ MORE

Conficker malware ups the ante

Roger A. Grimes — 2009-01-16T03:00:45-08:00

Roger A. Grimes explains why keeping up to date with patches can mean the difference between a functional system and a playground for hackers READ MORE

Insane in the security membrane

Roger A. Grimes — 2009-01-09T03:00:00-08:00

"Trust everyone" is an insane foundation for computer and network security. Roger Grimes has heard this phrase several times lately, and wants to give you solid information to steer policy discussions back onto solid (and secure) footings. READ MORE

Fearless New Year's prediction: Computer crime gets worse

Roger A. Grimes — 2009-01-01T03:00:00-08:00

Roger Grimes makes his cybercrime predictions for the coming year, and they're not filled with good news. Get ready now for a new wave of cybercrime coming to a computer near you. READ MORE