Viewing posts from January, 2009
ted-stevens-site-hacked-by-irony
Posted by: admin 14 years, 2 months ago
Hot off the tubes:
Almost as freaky as his infamously disjointed "series-of-tubes" speech last year about the Internet (which briefly earned him the Most Lampooned Politician on the Web award), Stevens's reelection site asks visitors to enter a username and password and then -- as they unsuccessfully fumble for a password -- condemns them with a warning that begins:
banks-seek-tighter-security-from-vendors
Posted by: admin 14 years, 2 months ago
According to today's WSJ, 6 big US banks and BITS will announce security standards for their vendors. This action shouldn't come as a surprise, since the banks are essentially following in the footsteps of VISA and Mastercard and their CISP/PCI standards that attempt to secure the credit card industry - especially since the banks own VISA and Mastercard.better-password-strength-just-one-factor
Posted by: admin 14 years, 2 months ago
Pete over at Spire Security points out the obvvious(which alluded me):
As far as I can tell, Bruce Schneier's current Wired column, MySpace Passwords Aren't So Dumb, is intended to be taken seriously. The article is supposed to be about how "good" passwords on MySpace are these days, and there isn't a hint of irony in his statement:He also points out that if you're not going to do two-factor authentication, then don't worry about long passwords. If any data is important enough or vulnerable enough to require a strong and therefore annoying password policy, use two-factor authentication."But seriously, passwords are getting better."I am at a loss to explain how he can come to this conclusion when every single one of the 34,000 passwords he analyzed were stolen through a phishing attack. What he should have said was: "This shows that a 1-character password (the shortest they harvested) is just as secure as a 32-character password (the longest they harvested)"
the-choicepoint-of-johns
Posted by: admin 14 years, 2 months ago
Of course, it makes complete sense. From the Freakonomics blog, an interview with an "escort":
Q. Do you typically know the true identity of your clients, and if so, how?
i-for-one-welcome-our-ceylon-overlords
Posted by: admin 14 years, 2 months ago
From the Register:
A US defence department advisory board has warned of the danger that American war robots scheduled for delivery within a decade might be riddled with malicious code. The kill machines will use software largely written overseas, and it is feared that sinister forces might meddle with it in production, thus gaining control of the future mechanoid military.
Recent Posts
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
- Scalability improvements in version 5.0 of the WiKID Strong Authentication server
Archive
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)