I asked Bob Blakley and Mike Neuenschwander some questions about Limited Liability Personae. Rather than focusing on the implementation, I wanted to talk about the high level purposes, as well as concerns that most people have with the idea of a persona. Whenever I discuss personae, there are issues that frequently come up, for example:…Read More What Would One Actually Do With A Persona?
A man in the UK has been arrested somewhat dramatically for illegally using a WiFi connection. The BBC reports it here as “Man arrested over wi-fi ‘theft’” and El Reg as “Broadbandit nabbed in Wi-Fi bust.” Each is worth reading. The police statement is worrying. El Reg says: Despite not having secured a conviction yet…Read More Trespass and Forgiveness
El Reg reports that “Pipex invites customer to get ‘c**ted’” in which the generated passwords that the Pipex system suggested contained a rude word. A screenshot is available on the Register article. There is, however, a second obscenity here that is far more subtle. That obscenity is in the password selection advice and suggestions. The…Read More Obscenities in Passwords
How clean is that piece of food that you dropped on the floor? Do you really want to eat it? Harold McGee explores the five-second rule in the New York Times. Personally, I always heard it as the thirty-second rule. I guess that it’s a good thing I have a strong immune system.Read More Food and Bacterial Risk Assessment
The SnoopStick offers full realtime monitoring of another computer. It’s Vista-ready, too, which perhaps says something about Vista security, or perhaps about people who have had trouble working with Vista, or both. Any time you want to see what web sites your kids or employees are visiting, who they are chatting with, and what they…Read More Rootkit on a Stick
I was on the last flight back west on a Friday night, glad that it looked likely I was going to get home. Even better, I’d been upgraded. I flopped into my seat, pulling out the noise-canceling headphones, laptop power adapter, books, and all that other stuff that makes a long flight an oasis of…Read More Information Leaks
They are: Something you’ve lost, Something you’ve forgotten, and Something you used to be. Here is a sad tale of a man who has a failure on (3), realizes he’s done (2), and his solution to the problem. It’s a classic tale of how more is often less when it comes to security. Lest you…Read More There are three types of authentication
The NYT reports, “Rough Treatment for 2 Journalists in Pakistan” and indeed reporting is dangerous in countries where they do not respect the sort of basic rights we in the civilized world have championed for nigh 800 years. However, a computer was seized, sources were roughed up and possibly jailed or killed: Since then it…Read More Information Security Needs
Seventy Percent of Americans think we need more laws to protect them from identity theft and all that. I can think of a situation we need protection from. Here is a scenario. Let us take the case of a lender, Larry. We need a law to make it so that if Larry lends money to…Read More What Congress Can Do To Prevent Identity Theft
Here’s the lead story in this week’s CSO magazine. I’m sure glad we no longer have to worry about breaches or compliance and can focus on whether we’re wearing the right things.Read More Hey, Guys and Gals, Security is No Longer a Problem!