SSL Is About As Useful As Dumbo’s Magic Feather, But Security Blankets Are Hard to Outgrow
by John Pescatore | September 22, 2011
Jim Crow: You wanna make the elephant fly, don’t ya? Well, you gotta use a lot of ‘chology. You know, *psy*-chology. Now here’s what you do. First, you’ll uh… Jim Crow: [all the crows whisper] Jim Crow: And then right after that, you’ll uh… [whispers continue] Jim Crow: [plucks a feather from the youngest crow’s […]
Twelve Word Tuesday: Forcing Standard Cloud Processes on Custom Business Problems Leads to New Vulnerabilities
by John Pescatore | September 13, 2011
Square pegs jammed into round holes lead to leaks and exposures galore.
Turning Penetration Testing Inside Out
by John Pescatore | August 3, 2011
Back in the late 1990’s and early 2000’s, penetration testing got a bad name. Mostly because there were a lot of small security consulting firms sprouting up and offering penetration tests for $500 or less, and these pen tests weren’t all that much different than what more established firms had been charging tens of thousands of […]
Has OWA Really Caused Any Owwies?
by John Pescatore | July 27, 2011
I’m spending a lot of time with Gartner clients as they try to address the risks of letting employees use employee-owned smartphones to access business email and business systems. We go through all the risks, but one question I always ask is “Do you support Outlook Web Access?” The answer is invariably yes. OWA has […]
No Insurance Policy Ever Protected a Customer, and Lots of them Don’t Even Limit Business Risk
by John Pescatore | July 22, 2011
Sony has publicly stated that the direct costs in 2011 in dealing with their failure to protect PlayStation Network customer data will top $170M – and that doesn’t even count what they may end up paying out in settlements and the associated legal costs. Sony, of course, had insurance and expected that would bound how […]
What You Hold In Your Hand Can Be a Lot More Secure Than What You Open on Your Lap
by John Pescatore | July 21, 2011
From a security perspective, Blackberries and iPhones are lightyears ahead in security compared to a Windows laptop. RIM and Apple have had the advantage of controlling both the hardware and the operating systems, where Windows grew up in a time where the mantra was the OS had to run on any commodity hardware that met […]
The Perimeter Persists Because Infrastructure is Never Good at Protecting Infrastructure
by John Pescatore | July 14, 2011
Much the opposite of Generalissimo Francisco Franco, the perimeter is nowhere near dead. Mainly because it makes good business sense, even if it does not make for good PhD theses. Years ago the laptop was supposed to mean the perimeter was dead. Nope, we put a piece of the perimeter (firewall) on the laptop, required […]
Still in Denial About Denial of Service?
by John Pescatore | July 13, 2011
Thirty five years ago today I was working at my summer job at JFK airport in New York and all the lights went out – only the control towers were lit, a very eerie sight from a truck driving around the tarmac. This was the great Northeast blackout of 1977. There have been a number […]
Vacation Checklist: Put Lights on Timer, Hire Petsitter, Feed Facebook?
by John Pescatore | July 7, 2011
One of the major aspects of the advanced threats that are getting past “check the box” defenses these days is the level of targeting – these aren’t your grandfather’s worms that are succeeding today. There have been many attacks targeting CXOs that appear to have done research on social media to personalize phishing email and […]
Au Revoir to Computer Security Pioneer Robert Morris
by John Pescatore | June 30, 2011
The New York Times has an obituary for Robert Morris. Morris was one of the smartest guys around in computer security. He is more well known for being the father of Robert Morris junior, who launched the Morris Worm back in 1988 – still the high water mark for percentage of the Internet taken down […]

