Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

How to Increase the Likelihood that your Security Risk Recommendations are accepted

Via @adamshostack came this post by @lennyzeltser Why Business Managers Ignore IT Security Risk Recommendations.

Avoiding the creep factor in authentication

I have recently seen a number of WiKID competitors announced in the two-factor authentication market that seek to reduce the need for user interaction.

Defense at every stage

Another tweet struck me for it's common sense and truth:

VPN services leak info via IPv6

Earlier this year, we released a set of packer scripts that allow you to easily build a two-factor ready openvpn virtual appliance.  We have updated the scripts to turn off IPv6 because it seems that VPN services using Openvpn can leak information via IPv6.  (This was surely the easy fix. There may be better ones.)

Bridging Gunnar Gaps to create virtual circles

If you haven't read Gunnar Peterson's post Security, Fast and Slow, please do so now.  It is about how Security's natural tendencies grate the natural tendencies of Development.  Security needs to adapt to make it easier for Development to make the right decisions to bridges such gaps.  I now call these "Gunnar Gaps". 

Recent Posts

Archive

2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom