Channel: Making leadership accessible
Browsing all 177 articles

Autoturning headlights

We just bought a new car, and it has headlights that turn to the left or the right when the steering wheel has turned in that direction. It's a pretty neat feature, although I discovered an interesting...




Disclosure Laws

At a conference recently, one of the panelists asserted that the California Disclosure Law (SB-1386) was the worst information security law in memory. I disagree. I think it is the best regulation...


False Positives

Driving in to work this morning, I discovered a wonderful failure mode of an alerting system. My car has a weight sensor in the passenger seat; if it detects a possible passenger in the seat, without a...


Infosec - Failing or Succeeding?

Noam Eppel at Vivica asserts that Information Security is a total failure: Today we have fourth and fifth generation firewalls, behavior-based anti-malware software, host and network intrusion detection...


Invisibility Cloak

Invisibility gets closer. It's a cool concept. But once the price comes down, this is one of those potentially disruptive technologies (it reminds me a lot of Shield, by Poul Anderson). I think there...



Pseudonymity

Pseudonymity, for those new to it, is the use of a semi-permanent, but incomplete or false identity. For instance, in many online communities, I'll just go by my first name, with a specific Gmail...


Sledgehammers

How do you perfectly secure data on a system? The hard drive should be encrypted, of course. Logging onto the system should use a one time password, as well as an asymmetric identifier. You put the...


The enemy's gate is down

In hi-tech business, it's worth tracking the money to look at where the future of our technologies will take us. And often, you can at least look at where VCs are thinking about their money: Mark...



Usenix Security Symposium

The first week of August, you'll find the USENIX security symposium in Vancouver. The invited talks this year look great, but I'm not sure I'll be able to make it. If you go, don't miss Matt Blaze's...



Zipcar

Zipcar just showed up in the new parking garage at work. Interesting to note that they've now added the Scions (xA and xB), Element, and Matrix to their line-up. I assume that means they're seeing...


Social Engineering Self-training

Most security systems have the annoying side effect that increasing attack volumes can degrade them, usually through tuning of defenses, or desensitization (Yes, this is a generalization). Social...


Policy and Practice - a Talmudic distinction

It's hip, of course, to be able to use Talmudic in a description of regulatory environment - but this is actually going to use the Talmud as a source. Policy is what we write down; practice is what we...


Phishing

We're all so paranoid about phishing, but it seems like we only really care about banking. I wonder, if the banking industry ever gets its game on, if identity thieves will start going after other...



Security and Obscurity

Everyone has heard the mantra, "Security through obscurity is no security at all." I hope that people remember where it came from - when companies were announcing proprietary cryptographic algorithms,...


Sanitization vs. crypto

Bruce Schneier opines on NIST's proposed non-use of encryption as sanitization: Encryption is not a generally accepted means of sanitization. The increasing power of computers decreases the time needed...



Embedded bluetooth systems

I have a bluetooth handsfree device, which occasionally gets into an annoying error mode, where my phone thinks the device is connected, and the device disagrees. Modifications to the phone's state -...


The Problem with Password Unmasking

I disagree with this: It's time to show most passwords in clear text as users type them. Providing feedback and visualizing the system's status have always been among the most basic usability...



Security and hairdressing

I've become an amateur hairdresser in the past couple of years, thanks to my three year old (I suspect that, had I been unwilling to do so, her hair would be quite short right now). Along the way, I've...


Compliance, Security, and the relations therein

Last week, Anton Chuvakin shared his latest in the "compliance is not security" discussion: Blabbing "compliance does not equal security" is a secret rite of passage into the League of High Priests of...


H1N1 and telework

The nervousness around H1N1 has pretty much permeated every aspect of our lives. Remember a year or two ago, the hysteria around hand sanitizers and alcohol poisoning? Gone; in its place, we have...
