John Pescatore

If the Apple iPhone AppStore “censorship” banned insecure apps, security leap forward!

[Read more →]

In case you are wondering why the Google logo today is a bunch of multicolored dots and dashes, today is the birthday of Samuel Finley Breese Morse, inventor of the telegraph. Well, even though Morse did obtain a patent for the telegraph, inventor is a strong word – Morse was more of an integrator. He [...]

[Read more →]

To combat a lot of mobile malware hype at the time, back in 2005, John Girard of Gartner and I put out a Gartner Research Note “Fast Spreading Virus or Worm Won’t Hit Mobile Devices Before Year-End 2007.” In the note we laid out three requirements that were necessary and we thought those three would [...]

[Read more →]

Wednesday morning I was on a panel about the state of the information security business – you can see a summary here.  I’m always struck by how people want to either treat information security as just like any other technology business, or as totally different from every other technology business. Of course, it is really [...]

[Read more →]

The RSA Conference has followed a standard format for a long time now. The first couple of hours are talks by the major vendor sponsors and then comes the Cryptographer’s Panel, for me always the best part of the show. Like most years, up on stage are Whit Diffie and Martin Hellman, of Diffie-Hellman fame; [...]

[Read more →]

If being on 1,000,000 PCs over a month equals trusted, Conficker’s trusted.
(Source: Great comment by Adi Shamir on this morning’s Cryptographer’s Panel at the RSA Conference)

[Read more →]

From a security perspective, Oracle acquiring Sun is mostly about Identity and Access Management – Earl Perkins and Gartner’s IAM team will be putting out a First Take with our official position. From the larger security market perspective, mega-deals like this always have ripple effects:

Herd mentality – there will likely be copycat mergers, as merger-itis [...]

[Read more →]

I’ve been going to what used to be called the RSA Data Security conference since 1995. It was a lot more fun the first few years I went, as it really was a data security conference and lots of deep diving into cryptography. When the Internet blew up and then Security Dynamics bought RSA, it [...]

[Read more →]

AWARENESS
30 mile per hour speed limit signs every 1/4 mile on a stretch of road that goes past the elementary school where my wife works. Result: everyone knows the speed limit and drives 40-50 mph.
ENFORCEMENT
Traffic cameras that automatically issue $40 tickets if you exceed 39 mph were installed. Result: everyone obeys the speed limit and [...]

[Read more →]

Today we highlight security topics that begin with the letter P, in honor of the 16th day of the month:
PATCHING
Ah, April 16th – US tax day is over, the sun in shining in the Washington DC area after several days of rain. But as our attention turns to spring, don’t forget: this week included the [...]

[Read more →]