This week we have focused on the people part of the security puzzle. As we know, people are the weakest link and the easiest point of access. But beating this point into your employees will not help them be better at computer and network security, and just make them feel hopeless and badgered.
Getting employee buy-in requires a little bit of strategy mixed in with a lot of fun.
Facebook recently announced an improvement to it’s logon system. Login security seems to be taking a position from and center lately. Wednesday we wrote about Yahoo’s new authentication system, and today we will move on to Facebook’s Login Approvals.
Previously, Facebook users were able to get Login Notifications. When you entered your user name (usually your email address) and password from a new location, browser, or device, Facebook Notifications would send users an ...
Continue Reading →
If you are having trouble managing “all those passwords” for your online resources, one solution would be to use a password manager like LastPass or Dashlane. Google has come up with a single sign-on (SSO) product that not only will log you into all your Google apps (Gmail, Voice, Blogger, YouTube, Apps, Drive, Analytics, AdWords, etc) but also integrates access into 17 other ...
I’ve been warning about the dangers of self-aware machines for some time.
Here is a story about how a toaster disrupted a keynote address by ARM CEO Simon Segars at the annual ARM TechCon Conference. It seems that the toaster was toasting a bagel which got stuck, and started burning. The smoke caused the fire alarms to go of in the middle ...
Continue Reading →Would you buy your password from an 11-year old girl? I would, and maybe you should, too. Mira Modi, an 11-year old New Yorker, has very very cool service called Diceware. Using a technique developed by Arnold Reinhold, Mira uses dice to come up with a unique 6 word passphrase, which she will send to you in the US Mail. Her fee is two bucks.
Understanding that passwords are cracked by cyber-criminals one of two ways, either ...
Continue Reading →
Using BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products. Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.
The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that $80 million in damages to US ...
Continue Reading →
It’s Halloween tomorrow, the traditional time when we dress up in scary or not-so scary costumes to disguise our identity and trick our friends and family. It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack. What follows are my scary Halloween stories.
One of the major trends in technology is the proliferation of smart devices, also known as the Internet of Things (IOT). The FBI recently released a public service announcement titled “Internet of Things Poses Opportunites For Cyber Crime.” More and more devices are are coming with software, processors and network capability, and connecting to our home and business ...
Apple introduced IOS 9 recently and it is full of security improvements that matter. You should upgrade if you haven’t already. They include:
Back on Sept 18 we criticized presidential candidate Jeb Bush, FBI Director James Comey, and other politicians for complaining that encryption was making it too hard to fight the “evil doers” and suggesting that some sort of “master key” or “backdoor” was needed by law enforcement and intelligence services to do their jobs. We of course disagreed.
Around the same time that ...
Continue Reading →