The WiKID Blog, musings on two-factor authentication, information security and some other stuff.
sec-creates-extortion-scheme-opportunity
Posted by: admin 16 years, 3 months ago
Following up on my recent post about the bizarre action of the SEC of punishing companies that are victims of pump-and-dump spam. Paul Moriarty, director of product development for Internet Content Security at Trend Micro has pointed out that suspending the stocks created a denial of service/extortion opportunity:
"Pretty soon, you'll start seeing extortion schemes. The spammers will simply call up a company and demand money on the threat of a pump-and-dump spam run. Think about it, a spammer now has the power to control which stocks are suspended by the SEC," Moriarty warned.Of course, one hopes, that if the company can show it is been extorted, the SEC will realize the errors of its ways.
summary-of-identity-landscape
Posted by: admin 16 years, 3 months ago
I really need to spend more time thinking about identity and focusing on what WiKID needs to do in the identity space. You'll have an identity no matter how you authenticate, but the more you rely on your identity the more important it becomes and the more secure it should be. But I think most of the identity players are focused on making identity easier - i.e. fewer logins.of-lexus-lanes-and-safety-spikes-tm
Posted by: admin 16 years, 3 months ago
and information security.
I just finished reading the Undercover Economist by Tim Hartford. Great Read. He has a chapter on externality charges. While he doesn't use the term, he's talking about Lexus Lanes - toll lanes that charge a fee for access - think a paid HOV lane.
the-choicepoint-of-johns
Posted by: admin 16 years, 3 months ago
Of course, it makes complete sense. From the Freakonomics blog, an interview with an "escort":
Q. Do you typically know the true identity of your clients, and if so, how?
congratulations-to-local-boys-spi-dynamics
Posted by: admin 16 years, 3 months ago
on their acquisition by HP and to me, since I was an early angel investor in SPI - so long ago I cannot remember what year it was. Their application to the ATDC had just been rejected as they were viewed as 'unreceptive to coaching', IIRC. I was an entrepreneur-in-residence at ATDC at the time, so it must have late 2000. For what it's worth, they were indeed unreceptive to coaching, except from Brian Cohen who has done a great job as CEO.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)