Do you know where your endpoints are?

The Register recently reported that a quarter of banks data breaches are due to lost laptops and phones. Let’s look at that for a minute, because it shows that there’s some basic blocking and tackling that needs to be put in place.    I suspect that the vast majority of that loss isn’t due to active [...]
Continue Reading

Can someone bring (more) chaos to an airport for less than $50?

Last month, according to this article, a Verizon wireless crash disabled wifi at JFK, causing huge backups as agents had to hand-write boarding passes and baggage tags.  It's interesting for many reasons, but we've just learned about a vulnerability at that airport. If the article is correct, it means that someone with a $50 wifi or [...]
Continue Reading
UK Bath London-1760

Secure Thinking

I often speak on ‘Secure Thinking’ to a variety of audiences, and share some suggestions on how to keep themselves safer in their online lives.  Here’s those tips:   Patch your systems regularly (patch Tuesday is a great start) Run Anti-Malware, but don’t pay too much for it. Uninstall flash completely. If you need it, [...]
Continue Reading

Apple and FBI

Ok, Apple vs FBI. I might as well write about a third rail, but I've gotten so many questions about what's going on that it's simpler to chime in. Let me begin by saying that I've worked with a lot of law enforcement professionals over the years, and have the highest respect for their integrity [...]
Continue Reading
untitled shoot-004-245-2

Adblock-blocking done right – almost

While there are good security reasons to block ads, I'll be honest and admit that I detest advertising - particularly intrusive, annoying animated ads on websites.   That's why you'll never see an ad here, and why I run adblockers.  Traditional ads (newspapers, televisions, etc), were one thing - I could ignore them, and remain [...]
Continue Reading
(c) Dreamstime

United’s New Security Questions

When I logged into United’s site to check in for a flight this week, I discovered that they’ve changed their user security approach. There’s been some chatter on flyertalk, twitter, and a couple of other places about the changes, and I thought I’d chime in. First, let’s take a look at what United’s trying to [...]
Continue Reading

iPhone repairs – scam or security?

Over the past few days, there have been a number of articles as people discover that their iPhones are bricked after undergoing third-party repairs.  Apple has a FAQ about it, and  iFixit has a good article with details, though I don't necessarily agree with all their conclusions, and they do have a vested interest in [...]
Continue Reading
(c) DepositPhotos / Cseh Ioan

Gentlemen, Encrypt Your Data, Part I

A friend of mine used to shoot dead chickens out of an air cannon at fighter jet canopies to test them against bird strikes. She told me a story that a team in the UK was trying to replicate the process, but kept shooting the birds right through the canopy. When they reached out to [...]
Continue Reading
(c) Depositphotos/Jurgita Genyte

Let’s talk about SSN

The Social Security Number is the Achilles heel of modern information. It was never intended to be used for identification purposes – in fact, my original card has that printed in big bold red letters right across the front of it. Well, that didn’t work out well. In college, SSN was our student number. Printed [...]
Continue Reading
2010-07-22 Alaska Day 2-544-1


Welcome to a few thoughts on cybersecurity, and some occasional photography. We're becoming immune to the news about the latest data breach, and yet folks don’t change their own security practices.   Often that’s because they don’t know where to start. Other times it’s because they’re focused on hitting the checkboxes for a compliance audit. Cybersecurity [...]
Continue Reading

Powered by WordPress. Designed by WooThemes