Viewing posts from January, 2009
risk-and-effectiveness-for-project-evaluation
Posted by: admin 15 years, 8 months ago
Gunnar Peterson has a post from Metricon about Bryan Ware's presentation about combining the effectiveness of a solution and the risk involved. I couldn't find the link to the actualy presentation. (I didn't have the time to go through them all.)
I think I would tie the effectiveness of the proposed security solution to the cost of capital of the overall project. It would be interesting to tie Bryan's work with my "work" on estimating the cost of capital for an information security project.
spy-coins-from-canada-collect-all-6
Posted by: admin 15 years, 8 months ago
From Yahoo::
In a U.S. government warning high on the creepiness scale, the Defense Department cautioned its American contractors over what it described as a new espionage threat: Canadian coins with tiny radio frequency transmitters hidden inside.It is very strange. The article points out what a poor mechanism it is for tracking: short distance only, likely to be used to buy something, etc. I would think they must have been looking for a very limited amount of information. The location of a safe house, for example. While the distance is limited, you could compensate for that with an 'rfid rifle'.
the-choicepoint-of-johns
Posted by: admin 15 years, 8 months ago
Of course, it makes complete sense. From the Freakonomics blog, an interview with an "escort":
Q. Do you typically know the true identity of your clients, and if so, how?
the-problems-at-palm-and-some-suggestions
Posted by: admin 15 years, 8 months ago
BusinessWeek points out the struggles at Palm, how their operating system is 5 years old, the last Treo was released in 2003 and they've canceled the Foleo. They announced a new Treo for Europe, which looks interesting.
identity-theft-the-nanny-state-and-ambulance
Posted by: admin 15 years, 8 months ago
Mordaxus at Emergent Choas has an inciteful post on how the government can protect people from identity theft.
I can think of a situation we need protection from. Here is a scenario. Let us take the case of a lender, Larry. We need a law to make it so that if Larry lends money to Alice, he cannot try to collect it from Bob. That's all we need. If we have that, we'll have all the legal protection we need to solve identity theft.This is an interesting idea, but I fear that it is too simplistic. I suspect that this is the current law. The problem is really the burden of proof. Currently, Bob has to prove to Larry that he did not borrow the money. Larry gets to put all sorts of nastiness onto Bob's credit report that Bob will never be able to get off. Bob can sue Larry, butas mordaxus points out, the way to change the business practice is to make it not worthwhile, which means a class-action lawsuit.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)