Daily Cup of Tech » FOSS for Security
June 15, 2007
For some reason I anticipated something else with a title like “FOSS for Security.” This is a solid round up of “quality freeware and open source software” (FOSS redefined yet again – and yes, it does include closed source freeware) for security purposes. Most of the list is desktop applications – leaning towards Windows, but many cross-platform. There are also a handful of Linux firewall distros. I would have also mentioned some of the security- and forensic-centric Live CDs but I’m not sure what the currently “In” ones are. And of course there are oodles and oodles of other free and/or FOSS security tools out there. But you wouldn’t want to overwhelm people. As it is I think the language in this list is probably over the heads of most of those who don’t already know about many/most of these programs. The public is probably better served by the “If you don’t have these few programs installed and running they are going to empty your bank accounts and steal your personal photos for use as desktop backgrounds.”
Which brings me to my question of the week:
Is there a name for the universal law which says that the more valuable the resources under someone’s control are, the less willing they are to keep up with simple steps to protect them? (Especially if those steps involve an investment of time and layer of inconvenience for them.)
UPDATE: I guess this is a reasonably recent list of security CDs based on Knoppix. It therefore doesn’t include Nubuntu – which doesn’t look all that special. Phlak is apparently now really dead.
I also wanted to add that, from my perspective, the Firefox Add On TamperData is one of the top 5 most useful security tools. But that goes back to an audience thing. But if you are ever serving anything more than static html pages, you really should get to know TamperData. It’s also just a great tool for learning about packets, headers, and so on.