Blog

Introducing Chris Pepper

By Rich
I’d like to take a moment and introduce a new contributor to Securosis. Chris Pepper is a senior systems administrator at Rockefeller University in NYC and longtime contributor to TidBITS and various other publications. Chris is one of the most knowledgeable sysadmins I’ve ever known and the first person I turn to when I need command-line support on various *nix flavors or Mac. Chris and I have been friends since sometime near the end of high school (we went to different schools). I was insanely jealous of his Apple Newton and after years of debate he’s the

Encryption is Cheaper than Destruction

By Rich
I like to think Richard Stiennon and I are good friends. He was at my wedding in Mexico. I took him and his son skiing up at Copper Mountain where I used to patrol. For a time he even rented space in my condo in Boulder while I was slowly moving to Phoenix. We’d swap my car out at the airport parking lot; it was very convenient. But I never suspected he was so violent. Goes to show you that you can never really know someone. It all started with this post on his blog where he advocates smashing

What I Really Meant About Security Through Obscurity

By Rich
I’ve been publishing in various formats for nearly 10 years now, and I have to admit I’m really enjoying some of the features of blogging. Aside from writing in a more personal voice, I actually appreciate the near instant feedback- from anyone- anywhere- of the blogosphere. I actually enjoy having my ideas challenged and debated. A couple days ago I posted a somewhat lengthy rant on disclosure. Not that I think disclosure is bad, but that we aren’t always willing to discuss the deeper motivations of those involved, on all sides, and admit that in many cases

Dealing with Security Vendor Exaggerations

By Rich
I generally don’t discuss “industry” issues here since that’s what I get paid to do at my day job. And if I start offering for free here, what I get paid to do over there, I may find myself offered the opportunity to do it for free on a permanent basis. Mike Rothman runs one of the better industry-oriented blogs. He and I used to sit across the table when he ran marketing for one of the vendors I cover. I like Mike a lot better as an analyst. He’s running an interesting debate on the problems

Security is Like Dentistry

By Rich
Guess where I spent the day? I’ll warn you now, I have a bad habit of taking metaphors too far. Security is like dentistry: It costs more than you think it should. It’s more painful than the providers ever tell you. If you don’t keep up with ongoing maintenance it costs A LOT more and is WAY more painful. It’s really hard to find a good provider. Most vendors prey on fear. Some vendors sell a pretty smile, not that their products actually work. If you make decisions based only on financial Return On Investment you’

The 3 Dirty Little Secrets of Disclosure No One Wants to Talk About

By Rich
As a child one of the first signs of my budding geekness was a strange interest in professional “lingo”. Maybe it was an odd side effect of learning to walk at a volunteer ambulance headquarters in Jersey. Who knows what debilitating effects I suffered due to extended childhood exposure to radon, the air imbued with the random chemicals endemic to Jersey, and the staccato language of the early Emergency Medical Technicians whose ranks I would feel compelled to join later in life. But this interest wasn’t limited to the realm of lights and sirens; it extended to professional subcultures

Off Topic: A Little Perspective

By Rich
This has nothing to do with security other than the fact Mike Rothman is a security analyst. Sometimes it’s worth sitting back and evaluating why you’re in the race in the first place. It’s all too easy to get caught up in the insanity of day-to-day demands or the incredibly deceptive priorities of the corporate and government rat races. A few months ago I took a step back and decided to reduce travel, stay healthy, and start this blog. I wanted a more-personal outlet for writing on topics and in a style that’s inappropriate at my

Experiences with FileVault- Mac Encryption

By Rich
Believe it or not, despite accusations that my coverage of the Mac wireless hack is all part of some anti-Apple black PR conspiracy, I’m a Mac user. One that’s so addicted I bought my Mom one and had it shipped to me so I could “configure” it. Okay, really I had to send mine in for service and I needed another Intel Mac so I could run it off an external hard drive with an image of my MacBook Pro. I mean I might have been without it for, like, 5-7 days and that’s just not

Voting Machine Idiocy- and a Proposal for a Reasonable Standard

By Rich
Ah Diebold, how we’ve missed you. In yet another example of gross negligence with our most sacred political process we find our favorite manufacturer of ATMs and voting machines yet again in the news. This time with a series of failures in the Alaskan primary. From Slashdot: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/15859396/article.pl From Engadget: http://www.engadget.com/2006/08/24/diebold-machines-fail-in-alaska-primary/ For those of you that don’t follow the twist and turns of this seriously shady company, Diebold has a long history of insecure voting machines, battling any attempt to regulate better voting security, and attacking

Home Security Tip of the Day: SpamSieve for Mac

By Rich
One of the advantages of being a paranoid security geek is you slowly acquire a familiarity with consumer security tools to prevent any of the bad nastiness you comment on from happening to your own system. While I’m sure some of my remotely hosted servers will get cracked on occasion since I don’t have full control over them I’ve taken it as a personal point of honor to defend my personal computers from www.youvebeenhacked.ru to the bitter end. Every now and then on slow news days I’ll highlight some of these tools and techniques