Viewing posts by admin
mobile-phone-usage-studies
Posted by: admin 16 years, 3 months ago
Hat tip to Daniel about Nokia's study regarding 3G cell phone usage. Unfortunately, it looks like the report is no longer available.selection-bias-and-information-security
Posted by: admin 16 years, 3 months ago
I read an interesting post about risk strategies and selection bias that made me think about some short term thinking often seen when investments in information security are deferred. Patri Friedman discusses poker strategies in light of selection bias:
You see that if you look at the performance of many businesses w.r.t. a risky practice that is a bad gamble, you can find the slightly negative trend line. But what happens if you consider only those businesses still around? This happens accidentally all the time - after all, its much easier to survey those businesses. The result is that you eliminate the worst failures of the practice you are examining, leaving a falsely positive impression.
The same thing happens in the poker tournament world. Certain styles of play trade EV for variance, allowing people to build up huge stacks occasionally, but usually go bust. Such players often win tournaments - but that doesn’t mean they are playing right. How many times do they fail for each victory? Do they fail more often compared to the money they win than a more conservative player? Some of these “maniacs” are smart players, carefully choosing their gambles and maximizing their returns. But some of them, frankly, are just maniacs, gambling and getting lucky, and giving the false impression that high-variance play is the way to go, because we don’t notice the hundreds of people playing that way and losing.
eating-your-own-dog-food-or-drinking-your-own-pee
Posted by: admin 16 years, 3 months ago
Being an entrepreneur means wearing a lot of hatsentrepreneurship-access-to-capital-and-americas
Posted by: admin 16 years, 3 months ago
Here's an interesting post on entrepreneurship, access to capital and race based on a restricted Census Bureau information. The post ties this study into the current fiscal crisis as well. It's a very interesting post.
how-much-to-spend-on-information-security-no-more
Posted by: admin 16 years, 3 months ago
I have just finished reading Gordon &Loeb's Managing Cybersecurity Resources: A Cost-Benefit Analysis and I highly recommend it for information security professionals seeking to learn more about the economics of information security.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)