My mother is one of millions of senior citizens who are connected and on-line. She sends e-mail, reminding me that my favorite urban legends are still alive and well, and circulating the Internet. She also shops once in a while. She has seen the Citi commercials, so she’s well aware of the term “identity theft”, but I’m not sure she’s exactly clear on what that is. She uses passwords. I’ll bet I could guess them.
Original post by blog@rsa.com (Stan Swiniarski) and software by Elliott Back
Computer security Systems
Computer security Systems
I did quite a bit of driving around over the 4th of July weekend and obviously experienced lots of traffic pains, especially at the toll booths. I do not have an E-ZPass gizmo and was jealous of those FAST LANE drivers zipping by, barely having to slow down at all.
Spending all this time trying to get through the highway tolls, I reflected on the typical experiences we all have when encountering checkpoints on the Information Highway, and how usability compares in this environment.
Original post by blog@rsa.com (Slava Kavsan) and software by Elliott Back
Computer security Systems
Computer security Systems
The CSIA survey clearly shows support among American voters for congressional action to help secure sensitive personal information. Those results, combined with the seemingly endless announcements of breaches to consumers’ personal information in a variety of organizations and businesses, mean that Congress will do something. The question, is what? And, to what effect?
Original post by blog@rsa.com (Shannon Kellogg) and software by Elliott
Computer security Systems
Computer security Systems
Secretary Chertoff has announced the creation of a new Assistant Secretary for Cyber Security and Telecommunications as part of the new Directorate of Preparedness. This is one of many important changes that the Secretary announced today and he should be commended for it. The announcement could not have come at a better time.
Original post by blog@rsa.com (Shannon Kellogg) and plugin by Elliott Back
Computer security Systems
Computer security Systems
Context-free application of security doesn’t work. Expecting application developers to understand security is unrealistic. Defects in applications and development frameworks are here to stay.
Original post by blog@rsa.com (Tim Hudson ) and a wordpress plugin by Elliott
Computer security Systems
Computer security Systems
Despite all the strong cryptography available today, security is still only as strong as the weakest link, and the weakest link in many systems today is still the interface to the user. Even if every honest application ran strong authentication protocols, as long as a rogue application can just ask the user to enter a password directly, the strong cryptography hasn’t helped.
Original post by blog@rsa.com (Burt Kaliski) and a wordpress plugin by Elliott
Computer security Systems
Computer security Systems