On Security Buzzwords

Fri, 03 Apr 2009 09:36:08 GMT
by pdp

I've got quite a lot of good feedback on the security buzzword generator I announced yesterday. For those of you who do not know, the generator is a fun little utility which helps you come up with new and exciting buzzwords like a security pro.

We often laugh when a new buzzword makes its rounds in the media, but the fact of the matter is that buzzwords are important. In essence, buzzwords are just terminology which happens to be used extensively by the media. I find it funny to follow the rants of people who are obviously against buzzwords yet make use of buzzwords themselves. If you are against them, just don't use them. I am curious to see how you are going to find a common language with the rest of the world.

Here are a few examples of security buzzwords which are considered everyday terminology nowadays:

  • Null Pointer Dereference
  • Cross-site Scripting
  • Rebinding Attacks
  • Botnets
  • Storm Worm
  • Virtualized Rootkits
  • there are tons more...

They are buzzwords because at some point they were virtually all over the Web. Today's buzzword is Conficker. If you find something new and intriguing it most certainly will become a buzzword. Is that really that bad?

Q&A with the Public

I have a question for the public. "Dear Reader, what do you call a script injection exploit which happens within the boundaries of the browser's chrome?"

Archived Comments

Milan Cvejic
Hehe, this is what you get when security pros have free time :) I tried it and found it funny. A few interesting word combinations came out, but my favorite is definitely "Passive feed ejaculation" :)
You've never heard of "Executable Stack Rebinding"? :)
There are obviously SEO black hat buzz words (marketing) like CS (cookie stuffing), and there are also intelligence orientated security buzz words like:
  • security intelligence
  • offensive security domain (OSD)
  • defensive security domain (DSD)
There are power positioning security buzzwords like Stepping Stone, Many Faces, Many Places etc. There are also psychological operations security buzzwords like Problem-Reaction-Solution (PRS), Black PR, retrench-self-2-win. And the obvious ones like botnet, google bombing, spoofing and such like. All points, twists and turns on this great illusion we call life.