Discussion thread for reorganization of "Probably the Best Free Security List in the World"

A few words on my thinking behind the categorizations.

Paper "A Reference Model of Information Assurance & Security" (2013) (pdf is at hxxps://mysite.cs.cf.ac.uk/Y.V.Cherdantseva/RMIAS.pdf) lists eight security goals that the authors found when reviewing other security literature (see p. 7):
1. Accountability - not included in our list because it applies only to people.
2. Auditability - not included because I have category "System Information and Activity".
3. Authenticity/Trustworthiness - included.
4. Availability - included.
5. Confidentiality - included.
6. Integrity - included.
7. Non-repudiation - not included; it could be included later if deemed necessary.
8. Privacy - not included because I think it's too similar to Confidentiality.

There are some security topics that have more than one of the above security goals. Therefore I created category "Anti-Intrusion" as a "catch all" for topics that have or could have more than one of the security goals.

 

Not bad idea.

 

I will try to give a higher priority to entering highly useful/important items in the list over working on the new list. If anybody has candidates for highly useful/important items that aren't already in the list, feel free to PM me.

 

out of my head, I think "YAC", "bee doctor", "spark security browser" to name a couple.

yac: http://www.yac.mx/
bee doctor: http://beedoctor.vn/en/
spark security browser: http://sparksecurity.baidu.com/

 

This is delicious:
https://www.wilderssecurity.com/thre...ct-folders-and-use-as-anti-executable.369503/

 

@taleblou and GrafZeppelin: Thanks for the suggestions . I added those to the backlog list that weren't already there. I'll pick out which ones should be given high priority soon.

Yac can't be put in the list though because by policy of techsupportalert.com links which are red status in Web of Trust are not allowed to be mentioned.

 

Latest:

Network Security - Firewalls
Network Security - Email and Other Messaging Security
Network Security - Other
Network Security - Proxies
Network Security - TCP/IP Security
Network Security - Virtual Private Networks
Network Security - Web Security
Network Security - Wireless Security
System Security - Access Control
System Security - Anti-Intrusion - Anti-Malware Software
System Security - Anti-Intrusion - Incident Response
System Security - Anti-Intrusion - Other Third-Party Software
System Security - Anti-Intrusion - Security Suites
System Security - Anti-Intrusion - System Configuration
System Security - Authentication
System Security - Availability - Backup
System Security - Availability - Disaster Recovery
System Security - Confidentiality
System Security - Integrity
System Security - Other
System Security - Resources
System Security - Software Development Security
System Security - System Information and Activity

I added "Access Control", which somewhat overlaps with "Anti-Intrusion", but each has some aspects not in the other one. I intend to put sandboxing and most virtualization items in "Access Control", because that is the security-related reason for their use, right (or not)?

 

Is there a preference for a separate category for sandboxing and/or virtualization? If so, should I name it something like "System Security - Isolation Technologies," or something else?

 

Is there a preference for a separate category for cryptography?

 

Should browser extensions that work only on outdated browser versions be included or not?

 

"Should browser extensions that work only on outdated browser versions be included or not?"

- no

"Is there a preference for a separate category for cryptography?"

- no

"Is there a preference for a separate category for sandboxing and/or virtualization? If so, should I name it something like "System Security - Isolation Technologies," or something else?"

- Good idea

 

I think outdated browse extensions may be included in Prisoners on remand.

 

One of the reasons that I asked is because some security-conscious users purposely use older browser versions.

 

The percent of users using a given browser version is shown at http://arstechnica.com/information-...ws-xp-slides-chrome-growth-stops-in-november/.

 

J_L's idea seem reasonable

 

Latest:

Network Security - Firewalls
Network Security - Email and Other Messaging Security
Network Security - Miscellaneous
Network Security - Proxies
Network Security - TCP/IP Security
Network Security - Virtual Private Networks
Network Security - Web Security
Network Security - Wireless Security
System Security - Access Control
System Security - Anti-Intrusion
System Security - Anti-Malware
System Security - Authentication
System Security - Availability - Backup and Synchronization
System Security - Availability - Recovery
System Security - Confidentiality
System Security - Integrity
System Security - Isolation
System Security - Miscellaneous
System Security - Penetration Testing
System Security - Resources
System Security - Security Suites
System Security - Software Development Security
System Security - System Configuration
System Security - System Information and Activity

 

Email and Other Messaging Security? Spam fighters?

 

Right. And it would also cover other forms of messaging, such as instant messaging.