DigiNotar Breach Notes

Some folk have asked me for more details about the DigiNotar breach after my brief appearance on Al Jazeera this morning. So here are the notes I prepared for the segment. Links at the bottom. Background web security certificates are digital IDs issued by companies entrusted with making sure they are given to the right …

Continue reading ‘DigiNotar Breach Notes’ »

Backed Up? Or Cracked Up?

There’s quite a commotion online about a program called g-archiver that promises to back up your Gmail account, but in the process apparently harvests all users’ Gmail usernames and passwords, and mails them to a separate Gmail account. This is indeed scary, although it’s possible that the person behind it wasn’t collecting the passwords for …

Continue reading ‘Backed Up? Or Cracked Up?’ »

Keys to the Kingdom

In this week’s Loose Wire Service column (which runs in print publications, more here), I write about those unsung heroes of productivity: programs that store globs of text for you so you don’t have to keep typing the same thing. Last time I talked about how the keyboard is often a quicker way to launch …

Continue reading ‘Keys to the Kingdom’ »

Banks Cross Borders, But Their Service Doesn’t

Banks always talk about being global, and thinking local, and all that tosh. And it is tosh. Really. My bank just called me, for example, to congratulate me for linking my bank accounts in different parts of the world so I can see them from one website. Great idea, weird it hasn’t been possible until …

Continue reading ‘Banks Cross Borders, But Their Service Doesn’t’ »

Yoggie, Yoggie, Yoggie

This week’s column in the Journal (subscription only, I’m afraid) is about something called the Yoggie:   This small computer is called the Yoggie Pico, launched May 29 by an Israeli company called Yoggie Security Systems. The idea is that you should protect your computer not by installing firewall, antispyware, antivirus and antispam software on it, …

Continue reading ‘Yoggie, Yoggie, Yoggie’ »

The Source of the Malware Scourge

Despite appearances, the U.S. is still the most popular place for the bad guys to place their malware code. StopBadware.org has listed those Internet Service Providers that wittingly or unwittingly host “badware” — an umbrella term for any kind of software that insidiously installs itself on your computer. What’s interesting is that while there is …

Continue reading ‘The Source of the Malware Scourge’ »

Drive Safely

This is probably the way to go with USB drives — security features that the user has to follow, or else the device won’t work.  Verbatim’s new Store ‘n’ Go Corporate Secure USB Drives’ mandatory security features safeguard all device contents with a complex password. Hack resistant feature locks down device after 10 failed logon …

Continue reading ‘Drive Safely’ »

Let Your Fingers Do the Remembering

Maybe I’ve missed something, but why isn’t more work dedicated to understanding the link between passwords and memory? Given that we’re supposed to remember our passwords (as opposed to writing them down on Post-it notes and sticking them somewhere prominent) why don’t we look more closely at the process whereby we remember stuff — and …

Continue reading ‘Let Your Fingers Do the Remembering’ »

Spammers Get Authenticated

Until now, most spammers sent their stuff through open relays — Internet-connected computers that were either unprotected, or else had been compromised by viruses or trojans into sending the spam without the owner being aware. But that is changing, says AppRiver, and it has big implications for how spammers work and may render useless today’s …

Continue reading ‘Spammers Get Authenticated’ »