Tag: Security

When Steve Gibson talked on Security Now 398 about how few users’ Java plugins are actually up-to-date, this question hit me: Should browser plug-ins have built-in expiration dates? The problem with having all of these old Java versions running around is that attacks always get better. How much more sophisticated are the attacks of today… Continue reading Time Limits on Browser Plugins?

If you have a LinkedIn account, stop what you’re doing and change your LinkedIn password immediately. I’m not kidding–just do it. Once you’re logged in, click on your name near the upper-right corner, click Settings from the menu, click the Account tab near the lower-left corner, and click Change password. Now that you’ve changed your… Continue reading Heads-Up for LinkedIn Users

Charlie Savage reported Monday in the New York Times that the Obama administration is seeking legislation that would require “back-doors” in all encryption products and services in the US. Of course, they cite terrorism as a primary motivation. How best to balance the needs of law enforcement (and of government in general) with the privacy… Continue reading Internet Wiretap Bill Misses the Mark

We’ve been thinking about developing a quick application to replace a paper HR process—should be a simple state machine with four possible states: Submitted, Accepted, Rejected, and Completed. But then we realized we would need email notifications and a coherent security model. These requirements—workflow, notification, and security—happen reasonably well in the old paper model. Not… Continue reading When Low Tech Is the Best Tech

It used to be that network infrastructure was one of an organization’s most valuable assets and security was geared toward protecting the infrastructure; but costs are falling, and the network has become a commodity. Meanwhile, the volume and value of information stored electronically are growing rapidly. For this reason, Dan Greer advocates a paradigm shift… Continue reading The Enterprise Information Protection Paradigm