On Security Buzzwords
I've got quite a lot of good feedback on the security buzzword generator I announced yesterday. For those of you who do not know, the generator is a fun little utility which helps you with coming up with new and exciting buzzwords like a security pro.
We often laugh when a new buzzword makes its rounds in the media but the matter of fact is that buzzwords are important. In essence, buzzwords are just terminology which happens to be used extensively by the media. I find it funny to follow rants of people who are obviously against buzzwords but they make use of buzzwords themselves. If you are against them, just don't use them. I am curious to see how you are going to find a common language with the rest of the world.
Here are a few examples of security buzzwords which are considered an everyday terminology nowadays:
- Null Pointer Dereference
- Cross-site Scripting
- Rebinding Attacks
- Storm Worm
- Virtualized Rootkits
- there are tones more...
They are buzzwords because at some point they were virtually all over the Web. Today's buzzword is Conficker. If you find something new and intriguing it most certainly will become a buzzword. Is that really that bad?
Q&A with the Public
I have a question to the public. "Dear Reader, what do you call a script injection exploit which happens withing the boundaries of the browser's chrome?"
- security intelligence
- offensive security domain (OSD)
- defensive security domain (DSD)
Many Faces, Many Placesetc. There are also psychological operations security buzzwords like
retrench-self-2-win. And the obvious ones like botnet, google bombing, spoofing and such like. All points, twists and turns on this great illusion we call life.