Many small businesses are being dragged into the arena of IT risk assessment by larger client companies, suppliers, or regulators. Common scenarios include credit card (PCI) or HIPAA compliance. Since the Target breach, smaller vendors and supplier companies who have a network connection into the IT operations of a larger company are being required to undergo the same sort of vulnerability and risk assessment procedures ...
I discovered a while ago that my LG smart phone can be used fairly easily to make a surreptitious video of a meeting simply by turning on the video camera and slipping the phone into a shirt pocket. The camera lens clears the edge of the pocket nicely, and there is no indication, at least on my phone, the the camera is rolling. This is a great way to keep a record that ...
A recent rule by the Supreme Court has given the FBI authority to hack your computer if it is inadvertently part of a criminal botnet. Recent changes to a procedural rule known as Rule 41 allows the FBI to obtain a search warrant to use “network investigative techniques” or NIT (or more commonly called hacking) to search computers engaged in criminal activity anywhere in the world. This includes innocent computer users ...
Happy Friday the 13th. In honor of all the governmental and law enforcement agencies that want to deny the privacy and security of encrypted communications to the general public, today we will be looking at encrypted messaging apps for your smart phone.
When the bad guys can break into your digital assets and steal your information with impunity, encryption is a necessity. Encryption is the lock on your data. I am a proponent ...
Continue Reading →
As we all know, Apple refused to assist the FBI in cracking the iPhone 5c of the San Bernardino “terrorist” killers. The FBI took Apple to court. Then the FBI dropped the case after successfully hacking the phone. Then they successfully hacked another phone in a different case in New York. Information appeared linking Israeli mobile security firm Cellebrite to the successful breach of ...
The US House of representatives passed the Email Privacy Act. Finally the Congress passes a bill that actually protects the public from warrantless search and seizure of email records. What makes this vote special is that it was unanimous – 419-to 0! When does that ever happen? Rarely, but considering this bill would protect our representatives too, maybe not all that surprising.
This bill ...
Continue Reading →
We wrote last year about how the IRS and their Get Transcript service was instrumental in helping identity thieves file fraudulent tax returns for big refunds. The problem was that the IRS used static user identity information that was available elsewhere online. They promised to fix this security problem, but have not. This year, many users of the IP PIN system that was supposed to harden security ...
How would you feel if, in order to gain access to a known terrorist’s house, the government passed a law that required every lock manufacturer to create a master key that would unlock every locked door anywhere? What if the police promised that they would only use the key on the one house? What if they promised to keep the key safe and secure so it could never get into the hands ...
American students are not learning how to write computer code, at least not at the rate that is typical in other countries such as India and China. This is extremely bad news for the U.S. economy over the long term; we are not teaching enough computer coders to fill existing jobs, much less future jobs. And more to the point, this is where the ...
At the November meeting of Penguins Unbound, the local Linux Users Group, I was introduced to a group of people from CryptoPartyMN. These guys and gals are serious about anonymity on the web. On of the resources they discussed was a great website called Security in a Box. If you would like to learn how to be more secure in your online communications, this is certainly a ...