Jesper's Blog
Security Pontification
Kip Hawley: "No, the TSA is Necessary Because This is War!"
CBS News did a story a few days ago on the Transportation Security Administration (TSA). Basically it was a tit-for-tat between Bruce Schneier, security pontificator extraordinaire, and Kip Hawley, the administrator of the TSA. Mr. Hawley's maintains...
Published Wed, Dec 12 2008 4:44 AM by Jesper's Blog. Filed under: Security Pontification
One "Hacker" Attempts to Rule The World
Wired, always a source for amusement and interesting literature, just carried a story on a "hacker" (the magazine's use of the term equates to "criminal") who attempted to dominate the market in stolen credit cards. It's a...
Published Wed, Dec 12 2008 2:40 AM by Jesper's Blog. Filed under: Security Pontification
Believe it or not; DRM for Zune is down!
Shocking, yes, I know, but in only four hours this evening Microsoft has managed to alienate over 150 additional customers with its insistence on Digital Rights Management (DRM). This time it is the DRM component of the Zune store that is down, according...
Published Tue, Dec 12 2008 12:21 AM by Jesper's Blog. Filed under: Security Pontification
What do you think, should I do it?
I get a fair bit of blog spam - comments advertising everything from sexual enhancers to fake anti-malware. This one just came in this morning: Sweet! I can turn off all the blog spam just by e-mailing the criminals? Or, could it possibly be that this...
Published Sun, Nov 11 2008 10:44 AM by Jesper's Blog. Filed under: Security Pontification
Fun Experiences at Airport Security
For a while I've been thinking about writing something about interesting times I've had at various airport security checkpoints; security theater, as they have come to be known. There are the obvious shoe removal arguments and the ill-defined rules...
Published Sat, Nov 11 2008 10:13 AM by Jesper's Blog. Filed under: Security Pontification
Is MS08-067 Wormable?
A couple of weeks ago Microsoft released an out-of-band security update in bulletin MS08-067. Looking at the type of vulnerability and the fact that the issue was already being exploited in the wild at the time, this was a good decision. If you have...
Published Tue, Nov 11 2008 6:14 AM by Jesper's Blog. Filed under: Security, Security Pontification, Thinking differently
Security is About Passwords and Credit Cards, Part 3
The final installment in my series called "Security is About Passwords and Credit Cards" is now up on TechNet Magazine. This part of the series discusses updating technologies, including how not to abuse them, messaging about security, and...
Published Sun, Aug 08 2008 1:14 AM by Jesper's Blog. Filed under: Security Pontification
Security is About Passwords and Credit Cards Part 2
The second part of my "Security is About Passwords and Credit Cards" article just hit the web. This installment looks at logon processes, misleading security eye candy, and insecure communications with customers. As always, I'd love your...
Published Thu, Jul 07 2008 4:32 PM by Jesper's Blog. Filed under: Security Pontification
Security is About Passwords and Credit Cards
Security is About Passwords and Credit Cards. That's what a very nice lady told me a few months ago. At first I shrugged it off. Of course security is so much more than that. As I started to process it though I realized that is exactly what it is...
Published Fri, Jun 06 2008 4:27 PM by Jesper's Blog. Filed under: Security Pontification
Thoughts on Security by Obscurity
This has not really been that normal a week for me, but at least another article made it into print. The June 2008 issue of TechNet Magazine is headlined by an article I wrote with my friend Roger Grimes, Security Adviser for Infoworld, on Security by...
Published Tue, May 05 2008 12:46 PM by Jesper's Blog. Filed under: Security Pontification, Thinking differently
Warning! Don't run Anti-Malware Software on Your Research Machine
I do not run any anti-malware software on my primary workstation. It's a habit I got into way back when I was doing penetration assessments. I showed up at the site, fired up ye olde laptop, and went to run some tool. ...went to run some tool. Hey...
Published Thu, May 05 2008 2:20 PM by Jesper's Blog. Filed under: Security Pontification
Quantum Security
The May 2008 issue of TechNet Magazine is out. It has an article in it that I have been wanting to write for a long time, called Quantum Security. In it I posit the argument that there are some fundamental laws of security, similar to the laws of physics...
Published Tue, Apr 04 2008 8:37 PM by Jesper's Blog. Filed under: Security Pontification, Thinking differently
How to remove the security warning, or should you?
This morning there was an interesting question in the Windows Vista Security Newsgroup. The poster had written an application that users were downloading. However, when they ran the application they received a warning dialog, like this one: The poster...
Published Mon, Apr 04 2008 1:10 PM by Jesper's Blog. Filed under: Security Pontification
Regulatory Silliness
Susan just pointed me to a "Self-assessment questionnaire" for the Payment Card Industry Data Security Standard (PCI/DSS). While, on the whole, the intent of that standard is good, there are some areas of it that, as usual, stray into the...
Published Mon, Mar 03 2008 12:30 PM by Jesper's Blog. Filed under: Security Pontification
Measuring Identity Theft
Chris Hoofnagle, of the Berkeley Center for Law And Technology, just published a fascinating report entitled "Measuring Identity Theft at Top Banks." If you have not already, and you are at all interested in security and privacy, you owe it...
Published Fri, Feb 02 2008 5:20 PM by Jesper's Blog. Filed under: Security Pontification
All postings are copyright Jesper M. Johansson, in the year they were made. These postings are provided "AS IS" with no warranties, and confer no rights. All postings are the sole opinions of Jesper M. Johansson and do not reflect any official opinion of anyone else with whom the poster is affiliated or has been affiliated in the past. Use of included code samples is permitted for non-commercial use, with no warranties of fitness express or implied. All use of any information or code snippets posted in this blog is at the user's sole risk. The blog site would like to thank www.ownwebnow.com and www.exchangedefender.com for their support.