From the category archives:

Security

Buy online with confidence

August 5, 2010

I’ve made a lot of online purchases and I often purchase goods online to take advantage of better selection and prices.   For example, I recently ordered a larger drive for my desktop PC.  Newegg and Tiger Direct both had a good product for a good price, and shipping was reasonable considering the cost of [...]

Read the full article →

Tabnabbing

July 7, 2010

Aza Raskin has an interesting article on his blog about tabnabbing.  In summary,  an attacker can use javascript that sits quietly on a page waiting until it is no longer in the foreground (for example when you have switched to another tab in your browser), and then switches to a legit looking phishing page.  For [...]

Read the full article →

Garage break-in technique exposed

June 11, 2010

As a security professional, I sometimes struggle with how much information to divulge about security vulnerabilities.  However, by the time it makes YouTube and links circulate in email, my general thought is that criminals already know about it and the benefits of informing the public outweigh the risk. As you can see in this YouTube [...]

Read the full article →

Weather Warnings and You

June 10, 2010

Thre’s a good article on weather watches, weather warnings, and you over at The Squid Zone.

Read the full article →

H1N1: A case study in poor risk decisions

November 28, 2009

In security circles we often discuss why some individuals and businesses find themselves in a perpetual state of high risk. While there can be complex factors, the bottom line is that many of us make poor risk management decisions in our business and personal lives. Sometimes a high risk position results because we don’t correctly [...]

Read the full article →

Do as we say, not as we do.

October 19, 2009

We often hear banks complaining loudly about the losses they suffer from payment card fraud.  Campaigns like “Protect your PIN” and humorous commercials with a miniature armoured truck following a customer down the street must cost tens of millions of dollars. But then consumers still receive calls like I did on Saturday afternoon.  The bank [...]

Read the full article →

30 years of failure

October 14, 2009

Ars Technica has a great article this morning entitled 30 years of failure: the username/password combination. One of the things that they didn’t discuss is why we continue to use passwords for authentication even though they’re known to be a serious weakness. The first reason is that, as long as we don’t include the cost [...]

Read the full article →

Windows 7 BitLocker, a practical solution

October 13, 2009

I recently installed Windows 7 Ultimate (32 bit) on my brand new HP Mini 110 (it ships with XP). The Windows 7 distribution included all the drivers needed to get the system up and running, including the WiFi drivers, making it a very painless process.  Once running, it automatically downloaded the vendor-specific video driver, resulting [...]

Read the full article →

What would you do?

September 2, 2009

The events Monday night in Toronto have the media and net buzzing.  (If you haven’t read about it yet, this Toronto Star article will get you started). While facts, opinions, observations, and premature conclusions dribble out in response to seemingly insatiable public curiosity, there is a question few are asking: What would you do? Incidents like this are [...]

Read the full article →