Author Archives: tom w wolf

The Ying & Yang of Systems Security Engineering

Overview Systems Security Engineering is Systems Engineering. Like any other engineered system, a security system will follow a certain workflow as it progresses from concept through to deployment. These include architectural development, design, ┬áimplementation, design verification and validation. This is … Continue reading

Posted in Pentesting, Security, Systems Engineering | Leave a comment

2016 Personal Security Recommendations

Overview There are millions of criminals on the Internet and billions of potential victims. You have probably not been attacked or compromised and if so, it is due to the numbers – probably not your personal security habits. I have … Continue reading

Posted in Internet Security, Security, Systems Engineering | Leave a comment

Security Patterns & Anti-Patterns

Overview In this post we will be exploring a very useful analysis concept in security engineering, Security Patterns and more importantly; Anti-Patterns. As we have discussed in earlier posts, a use case or use model is a generalized process or … Continue reading

Posted in Uncategorized | Leave a comment

Introduction to Systems Security Engineering

There are many books, articles and websites on System Engineering in general, but relatively few on Systems Security Engineering. In the not so distant past, I spent more than a decade implementing IT security, developing policy and procedure for IT … Continue reading

Posted in Uncategorized | Leave a comment

PSA – Update on TrueCrypt

Overview There are many users who have continued to user TrueCrypt 7.1a for a number of reasons; specifically: TrueCrypt is not actively being developed or supported, but there are no indications of security vulnerabilities with TrueCrypt, and There are no … Continue reading

Posted in Uncategorized | Leave a comment

Embedded Device Security – Some Thoughts

Overview Devices are becoming increasingly computerized and networked. That is mildly newsworthy. Most of these devices have a long history of not being computerized or┬ánetworked. Once again, only mildly newsworthy. Some of the companies have limited background in designing computerized … Continue reading

Posted in Uncategorized | Leave a comment

CryptoCoding for Fun – Part 2 [Terminology and Concepts]

Introduction (Yak Shaving) As you can see from the title, we are still the “CyberCoding for Fun” path, and although I would like to jump in and start how you make that happen, we need to step back a bit … Continue reading

Posted in Uncategorized | Leave a comment