As usual, I feel we’re not being smart enough about the way that scammers improve their skills. We demand everything to be easier, and they just reap the winnings. What they’re exploiting is the fact that we use a lot of different services (twitter, email, Facebook), and services within services (those which use those primary… Read More »
Some folk have asked me for more details about the DigiNotar breach after my brief appearance on Al Jazeera this morning. So here are the notes I prepared for the segment. Links at the bottom. Background web security certificates are digital IDs issued by companies entrusted with making sure they are given to the right… Read More »
The DigiNotar breach (“Operation Black Tulip”) is certainly likely to be a watershed in Internet security, and possibly in how we perceive cyberwar. But one lesser point may get lost: how vulnerable we are with a single username password to access all Google accounts. Not only does that single account gain potential access to email… Read More »
This is the extended version of my earlier blog post. The BBC finally ran my commentary so for those of you who want more info, here it is: Think of it as product placement for the Internet. It’s been around a while, but I just figured out how it works, and it made me realise… Read More »
I was directed to this excellent piece, A Victim Treats His Mugger Right : NPR, via Facebook last night. And it made me realise how publishers don’t make the most of that kind of referral. There’s plenty of evidence to suggest that nowadays we tend to get more and more of our reading from peer suggestions… Read More »