Blog

The Non-Geeks Guide to Consumer DRM: Why Your New TV Might Not Work With Tomorrow’s DVD player

By Rich
There’s a lot going on in the world of Digital Rights Management (DRM) these days and I realized not everyone understands exactly what DRM is, how it works, and what the implications are. This has popped up a few times recently among friends and family as (being the alpha geek) I’ve been asked to explain why certain music or movie files don’t work on various players. Before digging into some of the security issues around DRM I thought it would be good to post a (relatively) brief overview. I’ll be honest – as objective as I try

Sore Apples- Apple Updates Mac Wireless Drivers (With Prejudice)

By Rich
So Apple issued an update for the Mac wireless drivers to prevent a buffer overflow, but denies SecureWorks provided them anything useful. Right. We believe you. Got it. You “just happened” to discover exactly the kind of vulnerability that Maynor and Ellch demoed, but they were evil, uncooperative bad guys for hinting they might be there. Considering SecureWorks works responsibly with all sorts of other vendors in the market I suspect the anger may be a tad misplaced. Come on Apple; all software has vulnerabilities. It’s time to stop putting PR in charge of vulnerability management. To quote the

We Did Warn You, Didn’t We…

By Rich
New IE Flaw Exploited on Porn Sites. Now we did warn you, and I quote: Especially if you go to “those” sites. Yes, you. Stop pretending you don’t know what I’m talking about. For the record “those sites” are porn and gambling. So you poker addicts are next. And you file sharers- don’t start thinking you’re all safe or something. Those torrent trackers are web pages you know. Of course Disney World fingerprints everyone these days, so maybe they’ll pick this up.

Thank You for Your Medical Records

By Rich
To whom it may concern,
While, as a security professional, I take great care to protect all of my systems and data, I cannot guarantee that I am fully compliant with both the HIPAA security and privacy requirements. I have never undergone a HIPAA audit, nor any official HIPAA training or evaluations of any kind beyond those provided to first responders. For your information I do take extensive security precautions including:
Hardware and software firewalls on all systems and networks
Home directory encryption on my primary Mac
Antivirus/antispyware on all Windows systems
OS hardening and service minimization
Rapid deployment

Stop Using Internet Explorer (for now)! Today! Seriously!

By Rich
Symantec has just reported a new 0day security vulnerability in Internet Explorer that could allow someone to take over your computer. For you non-geeks a 0day (or zero-day, or 0-day) is a vulnerability without a patch. In other words, you can’t fix the flaw on your computer so you either have to block the attacks before they hit you or disable the vulnerable software. While details are sketchy it looks like this particular vulnerability could allow an attacker to take over your computer when you visit a website with the attack code on it. This isn’t the first

iTunes 7- the New Nmap?

By Rich
I travel a lot, and on occasion I’ll run Nmap or some other scanner from my hotel room to get an idea of what’s out there, and how dangerous these hotel networks really are. To be honest it’s not something I do all that much anymore since even scanning an open network is running the risk of being considered over the line. But I just discovered a new security tool. It’s free. And it even plays music! Yes, the ever venerable and recently updated iTunes turns out to be an honest to goodness, if limited, security

Treat Voting Systems Like Gambling Systems

By Rich
Electronic voting seems to be popping up again thanks to our favorite digital ostrich, Diebold. Martin Mckeay’s also writing on this a bit, and it’s well worth reading. This isn’t the first time I’ve mentioned this, and I didn’t come up with the idea, but with the most recent Diebold gossip I think it bears repeating. Gambling systems, electronic or physical, undergo extensive testing, validation, and auditing. We’re not just talking hacking, they shock the darn things with cattle prods and attack them using such phenomenally creative techniques that I’m awestruck the few

Liars Always Lose- Eventually (or: Why Lying is Like Crack)

By Rich
I’m out on the road this week, right now spending two days at a strategic planning session with a large energy company. This is the kind of trip I actually enjoy- working with an end-user on strategic issues at the executive level where they really want to solve the problem. The theme of the day is major disruptions- how to stay in business in the face of massive disasters that go well beyond disaster recovery. I’m just one of about a dozen outsiders brought in to try and get people thinking in new directions. Someone saw one of

Five Years Ago

By Rich
From http://www.september11victims.com/september11victims/victims_list.htm WORLD TRADE CENTER Gordon McCannel Aamoth, 32, New York, N.Y. Maria Rose Abad, 49, Syosset, N.Y. Edelmiro (Ed) Abad, 54, New York, N.Y. Andrew Anthony Abate, 37, Melville, N.Y. Vincent Abate, 40, New York, N.Y. Laurence Christopher Abel, 37 William F. Abrahamson, 58, Cortland Manor, N.Y. Richard Anthony Aceto, 42, Wantagh, N.Y. Erica Van Acker, 62, New York, N.Y. Heinrich B. Ackermann, 38, New York, N.Y. Paul Andrew Acquaviva, 29, Glen Rock, N.J. Donald L. Adams, 28, Chatham, N.J. Shannon Lewis Adams, 25, New York, N.Y. Stephen Adams, 51, New York,

Almost Forgot to (Virtually) Smash That Hard Drive

By Rich
A few months ago I picked up a Western Digital external hard drive at Costco since my MacBook’s internal drive was a bit stuffed with digital photos. The WD drive is a pretty nice USB drive and really portable. The problem? I started having some intermittent failures on the drive. Since this is where I now keep my wedding photos (backed up somewhere else, of course) I decided to return it before it totally died on me. I got the replacement drive, packed up the original, and headed to the shipping store… … where I realized I hadn’t wiped