This profile was last updated on .
Is this you? Claim your profile.
+ Get 10 Free Contacts a Month
Please agree to the terms and conditions
Carnegie Mellon University 4500 Fifth Avenue
Pittsburgh, Pennsylvania 15213
CERT is an organization devoted to ensuring that appropriate technology and systems management practices are used to resist attacks on networked systems and to limiting damage and ensure continuity of critical services in spite of successful attacks, acci ... more
CERT's Podcast Series: Speaker Biographies
Microsoft's decision to retire security tool is myopic | Computerworld
EMET, or Enhanced Mitigation Experience Toolkit, is a seven-year-old anti-exploit tool that Microsoft has touted to deflect malicious attacks.
EMET has been regularly recommended by the company to protect Windows PCs until a proper patch can be issued, for example.
Dormann was reacting to a Nov. 3 announcement by Microsoft that it would drop support of EMET at the end of July 2018.
"Even when users are interested in and looking for this information, the vendor doesn't always make it easy," Dormann said.
Dormann said instead of hard-coding credentials or setting default usernames and passwords that many users will never change, hardware makers should require users to pick a strong password when setting up the device.
Indeed, according to this post from video surveillance forum IPVM, several IoT device makers - including Hikvision, Samsung, and Panasonic - have begun to require unique passwords by default, with most forcing a mix of upper and lowercase letters, numbers, and special characters.
"As long as the password can't be reversed - for example, an algorithm based off of a discoverable tidbit of information - that would be a reasonable level of security.
Google security and product safety â€“ Company â€“ Google
This document was written by Will Dormann.
GovX , Inc.
Baird's CMC Ltd
NICE Systems Ltd
Emerling Ford Mercury Inc