InfoSec

FAA Gives PKWare’s SecureZip Stamp of Approval

It doesn’t surprise me that the inventor of the ZIP file format was recently awarded a large enterprise
software license and maintenance agreement from the Federal Aviation Administration (FAA). What does surprise me is that with my network of security news sources, I hadn’t heard about this product before now.  Granted, I’m mostly an Open Source guy and SecureZIP is commercial software ($39.95 for a single-user license), but I was asleep on this one.

PKWARE’s SecureZIP software will initially be deployed across 50,000 Microsoft Windows® desktops
at the FAA and Department of Transportation (DOT).

I like the way SecureZIP leverages PKI. It enables users to secure files and folders with strong passphrase or digital certificate-based encryption. It also supports digital signatures to ensure data integrity. SecureZIP makes acquiring and using a digital certifcate simple: Upon installation, SecureZIP will automatically request and install (if desired) a digital certifcate from Comodo.

I like AxCrypt and have been using it for quite some time for simple security. AxCrypt doesn’t offer compression, however, so you have to create an archive first, then encrypt it. Moreover, you can’t use certificates or employ digital signatures. SecureZIP is a clear winner for robust security with compression.

I’m headed over there right now to get an evaluation version.

Three US Cyber Challenges to be Announced May 29

Just received SANS NewsBites’ May 19, 2009 issue (Vol. 11, Num. 39) and one article caught my eye. Seems that the sponsors of these Cyber Challenges need some help in naming them:

…a week from Friday…three national cyber games will be announced at a Center for Strategic and International Studies (CSIS) luncheon.  The competitions are part of a huge talent search and talent development program to find and nurture the young people who have the skills to become the next generation of great security professionals… But we are trying to agree on a name for the SANS competition.   Please pick the one, two or three you like best and send them back to  apaller at sans.org. Thanks in advance.

SANS Netwars
SANS War Games
SANS NetAttack Games
SANS King of the Hill Challenge
SANS Security Challenge
SANS HACK/Anti-HACK
SANS InfoSec Challenge
SANS Challenge Net
SANS Security Warrior Competition
SANS Capture the Flag Student Tournament
SANS War Game Challenge
SANS War Games Challenge
SANS InfoSec Faceoff

It’s a great idea and sounds like loads of fun. How about we help them out? I chose SANS War Games, SANS Security Challenge, and SANS InfoSec Faceoff.