Tags: Apple

Practical Password Advice for INFOSEC Pros and Normal People

I recently conducted an informal poll via Facebook asking my friends what kinds of information security topics they’d like to hear about. That population has a pretty good spread of information security professionals and normal people, and a subject I heard frequently from both groups was: What can we do with passwords that is reasonably safe and reasonably usable? […]


Ransomware Defenses

I just stumbled across an article talking about a new variant of ransomware called CryptoWall 3.0. The fact that there are multiple strains and versions of ransomware suggests to me that they provide a lucrative revenue stream for the Bad Guys. That got me thinking about the problem more broadly and how we can defend ourselves […]


MasterCard and Visa to end password authentication

This is an interesting article: MasterCard and Visa to end password authentication. Biometrics are starting to go mainstream as a means of authentication. My one word of warning to anyone looking at biometrics as a form of authentication is to consider a “proof of life” requirement for biometric authentication. If the stakes are high enough, there […]


The Week That Was – 2013.11.15

This week we have a wide spectrum of topics.  Facebook subtly calls out Adobe.  We discuss the nuance of malicious code on the International Space Station (ISS), which includes our first ever Bonus Link at no additional cost!  We briefly mention some new published research papers and take a trip in the Way Back Machine […]


The Week that Was – 10/28/2013

Last week had a number of interesting developments.  Two of them involved the law, privacy, and security implications. First, the Third Circuit Court ruled that GPS tracking devices attached to vehicles require a probable cause warrant. [9]   I think this is an important ruling for privacy and the 4th Amendment.  I’m a proponent for […]


The Week That Was – 10/18/2013

I’m getting back in the saddle this week. Sorry for the long break. I have a bit of a mix this week. Some are security-related and others aren’t, but they are still worth looking at. Here are some items of note: There is big news from Oracle. They have issued a Patch-a-lanche™ for Java. [8] […]


The Week That Was – 2013-05-13

I have a decent sized batch of links for you all this week.  As a warning, I’ll occasionally wander out of the purely INFOSEC or risk realms.  There are a couple of those items thrown in this week.  It’s important to look around at other subjects to give us perspective and insight.  Part of that […]


The Week That Was – 4/15/2013

I’ve got one metric butt load of links for you this week.  There is a lot of good stuff but here are some of the highlights: Doctor Dan Colman, Winton Professor for the Public Understanding of Risk at Cambridge University, has shared a really interesting video on risk.  [1],[9]  His point is that sometimes it’s […]


The Week That Was – 10/1/2012

This is actually a link dump for the past two weeks. Last week completely got away from me. All the cool kids were bashing passwords the past two weeks. [2], [22-23], [28], [40]  I agree that passwords are not the ideal authentication tool. However, it seems that history has shown that passwords strike the right […]


The Week That Was – 9/17/2012

We’ve got a bumper crop this week.  There are the obligatory links to the GoDaddy affair.  I get the distinct feeling that the GoDaddy event was not nearly as sensational as the security community would have liked.  Still it’s a sad commentary when your best PR move was to claim self-inflicted gunshot wound to the […]
