December 14, 2011 - This post focuses on the recent simultaneous publication of the Cisco 2011 Annual Security Report and the Cisco Connected World Technology Report Chapter 3. Several highlights from the reports focus on the shifting technologies, expectations, and employee behaviors already (continue reading...) Read more
November 14, 2011 - Hacker pranksters have created a bogus Bank of America profile on the Google Plus service. Is this harmless hijinx, or an indication of future Google Plus abuse? Read more
June 23, 2011 - In my last post on this topic, I highlighted just how true the words “Work is no longer a place you go, but what you do” really are. We now have the ability to work anytime, anywhere, (continue reading...) Read more
June 15, 2011 - The National Strategy for Trusted Identities in Cyberspace (NSTIC) proposes a large ecosystem of identity providers, attribute providers, and relying parties that must establish trust with each other in various ways. NSTIC requires various types of trust within the identity (continue reading...) Read more
May 19, 2011 - One of the goals of the National Strategy for Trusted Identities in Cyberspace (NSTIC) is to support a wide range of use cases. These might include everything from low-value purchases to making adjustments to critical infrastructure, like power systems, (continue reading...) Read more
May 6, 2011 - The National Strategy for Trusted Identities in Cyberspace (NSTIC) describes two types of intermediaries between subjects (users) and relying parties: identity providers and attribute providers. This is a separation not frequently found in identity systems. (continue reading...) Read more
May 3, 2011 - Mark Twain once wrote, “Everybody complains about the weather, but nobody ever does anything about it.” Security policy is a lot like that. Creating a security policy is at the top of the list for anyone looking to really secure (continue reading...) Read more
February 8, 2010 - I was reminded today of a problem I noticed long ago: American Express's policies for (continue reading...) Read more
February 2, 2010 - It's standard operating procedure for most users to have a small number of passwords, perhaps only one, that they use on every site that requires a username and password. This is, of (continue reading...) Read more
January 27, 2010 - The Tools-Internet Options dialog box in Internet Explorer has a wealth of important settings in it, some which affect the system outside of Internet Explorer. This dialog box is also available as (continue reading...) Read more
January 27, 2010 - Tomorrow, Thursday, January 28, 2010, is Data Privacy Day in North America and Europe. (Sorry I didn't get you a card. What's your address and social security number so I can (continue reading...) Read more
January 25, 2010 - We have reported on Ben Edelman's research in the past, including the recent past. The spyware researcher and Harvard B-School professor has demonstrated that the Google Toolbar continues to track a (continue reading...) Read more
January 22, 2010 - Upromise has announced that they moved immediately to address the privacy problems identified by Ben Edelman yesterday in their toolbar, TurboSaver. Only TurboSaver users who selected personalized offers were affected, although this (continue reading...) Read more
January 22, 2010 - Say you're bringing your notebook through airport security in the US. Can the TSA (Transportation Security Administration) personnel copy your hard disk and/or search the data on it? No, says Blogger Bob (continue reading...) Read more
January 21, 2010 - Privacy researcher and Harvard Business School Professor Ben Edelman has written a report on the practices of the Upromise Toolbar, called TurboSaver by the company. Upromise is a membership system through which (continue reading...) Read more
January 15, 2010 - One of the big security stories of last month was that Facebook changed their (continue reading...) Read more
January 12, 2010 - It's an eventful day. Just as they release an important new version of Acrobat, Adobe has also revealed that "...a sophisticated, coordinated attack..." was mounted "...against corporate network systems managed by (continue reading...) Read more
December 27, 2009 - Security services firm infySEC has a cool list of what they call the Top 10 of the most infamous unsolved computer crimes. These aren't all famous, or infamous crimes, but the unsolved (continue reading...) Read more
December 22, 2009 - Thanks to reader Roberto Perez for pointing out an error in my recent entry on How the New Facebook Privacy Settings Work (since corrected).I was bothered that restrictions on (continue reading...) Read more
December 21, 2009 - The People's Daily Online (citing Xinhua) is reporting that 11 people in east China have been convicted of writing and distributing malware designed to steal usernames and passwords for online games. The (continue reading...) Read more