Z Trek: The Alan Zeichick Weblog

, ,

Chicken sandwich at 12 o'clock high!

If Amazon can deliver packages by drone, then fast-food restaurants like Chick-Fil-A can air-lift chicken sandwiches via hot-air balloon. Right? At least, that's the best explanation for this sighting in my Phoenix neighborhood. Of course,…
, ,

Don't trust Facebook to keep your secrets

Nothing you share on the Internet is guaranteed to be private to you and your intended recipient(s). Not on Twitter, not on Facebook, not on Google+, not using Slack or HipChat or WhatsApp, not in closed social-media groups, not via password-protected…
, ,

The Fifth Column hiding in the Internet of Things (IoT)

I can’t trust the Internet of Things. Neither can you. There are too many players and too many suppliers of the technology that can introduce vulnerabilities in our homes, our networks – or elsewhere. It’s dangerous, my friends. Quite…
, ,

The three big cloud providers keep getting bigger!

You keep reading the same three names over and over again. Amazon Web Services. Google Cloud Platform. Microsoft Windows Azure. For the past several years, that’s been the top tier, with a wide gap between them and everyone else. Well, there’s…
, ,

An intimate take on cybersecurity: Yes, medical devices can be hacked and compromised

Modern medical devices increasingly leverage microprocessors and embedded software, as well as sophisticated communications connections, for life-saving functionality. Insulin pumps, for example, rely on a battery, pump mechanism, microprocessor,…
, ,

Advocating for safer things: On the road, in the home, in business, everywhere

Think about alarm systems in cars. By default, many automobiles don’t come with an alarm system installed from the factory. That was for three main reasons: It lowered the base sticker price on the car; created a lucrative up-sell opportunity;…
, ,

There are two types of cloud firewalls: Vanilla and Strawberry

Cloud-based firewalls come in two delicious flavors: vanilla and strawberry. Both flavors are software that checks incoming and outgoing packets to filter against access policies and block malicious traffic. Yet they are also quite different.…
, , ,

Thinking new about cyberattacks — and fighting back smarter

What’s the biggest tool in the security industry’s toolkit? The patent application. Security thrives on innovation, and always has, because throughout recorded history, the bad guys have always had the good guys at the disadvantage. The…
, ,

Phishing and ransomware attacks against you and your company are getting smarter

Everyone has received those crude emails claiming to be from your bank’s “Secuirty Team” that tells you that you need to click a link to "reset you account password." It’s pretty easy to spot those emails, with all the misspellings,…
, , ,

Mobility and security at two big shows: RSA and Mobile World Conference

What’s on the industry’s mind? Security and mobility are front-and-center of the cerebral cortex, as two of the year’s most important events prepare to kick off. The Security Story: At RSA (February 13-17 in San Francisco), expect…
, , ,

The top cloud and infrastructure conferences of 2017

Want to open up your eyes, expand your horizons, and learn from really smart people? Attend a conference or trade show. Get out there. Meet people. Have conversations. Network. Be inspired by keynotes. Take notes in classes that are delivering…
,

A hit-and-run accident — literally

It was our first-ever perp walk! My wife and I were on the way home from a quick grocery errand, and we were witnesses to and first responders to a nasty car crash. A car ran a red light and hit a turning vehicle head-on. As we pulled over…
, ,

How to take existing enterprise code to Microsoft Azure or Google Cloud Platform

The best way to have a butt-kicking cloud-native application is to write one from scratch. Leverage the languages, APIs, and architecture of the chosen cloud platform before exploiting its databases, analytics engines, and storage. As I wrote…
, , ,

Cybersecurity alert: Trusted websites can harbor malware, thanks to savvy hackers

According to a recent study, 46% of the top one million websites are considered risky. Why? Because the homepage or background ad sites are running software with known vulnerabilities, the site was categorized as a known bad for phishing or…
,

Edgescan loves to do what most people hate. Lucky you!

“If you give your security team the work they hate to do day in and day out, you won’t be able to retain that team.” Eoin Keary should know. As founder, director and CTO of edgescan, a fast-growing managed security service provider…

Why does the FTC spammer have an email address at my domain?

This is a good one. The spam message was short and sweet: From: Richard Kent email hidden; JavaScript is required Subj: You've been subpoenaed by the FTC. You've been subpoenaed by the FTC. FTC Subpoena Please get back to me about this. Thank…
, ,

Hello, Hibiscus! One of our favorite flowers

This plant in our garden keeps blooming and blooming. What's funny is that sometimes the flowers are yellow, and sometimes they are orange, like this one.
,

No honor: You can’t trust cybercriminals any more

Once upon a time, goes the story, there was honor between thieves and victims. They held a member of your family for ransom; you paid the ransom; they left you alone. The local mob boss demanded protection money; if you didn’t pay, your business…
, , ,

Goodbye, Pebble – It’s a real loss to smart watches

I was dismayed this morning to find an email from Pebble — the smart watch folks — essentially announcing their demise. The company is no longer a viable concern, says the message, and the assets of the company are being sold to Fitbit.…
, ,

Four ways enterprise IT can reduce mobile risk

From company-issued tablets to BYOD (bring your own device) smartphones, employees are making the case that mobile devices are essential for productivity, job satisfaction, and competitive advantage. Except in the most regulated industries,…
, , ,

Blindspotter: Big Data and machine learning can help detect early-stage hack attacks

When an employee account is compromised by malware, the malware establishes a foothold on the user’s computer – and immediately tries to gain access to additional resources. It turns out that with the right data gathering tools, and with…
, ,

Where's the best Java coding style guide? Not at Oracle

For programmers, a language style guide is essential for helping learn a language’s standards. A style guide also can resolve potential ambiguities in syntax and usage. Interestingly, though, the official Code Conventions for the Java Programming…
,

Bald eagle at Canyon Lake, Arizona

What an amazing sight! We visited Canyon Lake, Arizona — a short drive from our home in Phoenix — and were rewarded with a close-up of this bald eagle. The bird seems to have caught prey; we believe it was a smaller bird, since we could…
, , , , ,

Medical devices – the wild west for cybersecurity vulnerabilities and savvy hackers

Medical devices are incredibly vulnerable to hacking attacks. In some cases it’s because of software defects that allow for exploits, like buffer overflows, SQL injection or insecure direct object references. In other cases, you can blame…
, , , ,

We need a new browser security default: Privacy mode for external, untrusted or email links

Be paranoid! When you visit a website for the first time, it can learn a lot about you. If you have cookies on your computer from one of the site’s partners, it can see what else you have been doing. And it can place cookies onto your computer…
, , , , , ,

Hackathons are great for learning — and great for the industry too

Are you a coder? Architect? Database guru? Network engineer? Mobile developer? User-experience expert? If you have hands-on tech skills, get those hands dirty at a Hackathon. Full disclosure: Years ago, I thought Hackathons were, well, silly.…
,

May you be blessed

Today's beautiful cactus flowers will be gone tomorrow. So much of our world’s wonders are ephemeral. Blink and you’ll miss the rainbow. A hug lasts mere seconds. A smile is fleeting. Shapes in the clouds constantly change. Take a…
, ,

Spammers really want to give me a BMW, but aren’t sure of the year or model

Mrs. Rachael Adams is back, and still wants to give me a fine Bavarian automobile. But is it a 7-series or a 5-series? Is it a 2015 or 2016 model? Doesn’t matter – it’s a scam. Just like the one a few weeks ago, also from Mrs. Adams,…
,

Though this Medium: using of Internet has been greatly Abused, says scammer

Spam scam: Who needs stand-up comedians when laughs appears in my inbox each and every day? This is one of the most amusing in a while, mainly because I can’t parse most of it. Don’t reply to messages like this. Delete them right away. From:…
, , ,

With Big Data, Facebook knows you by the company you keep

As Aesop wrote in his short fable, “The Donkey and His Purchaser,” you can quite accurately judge people by the company they keep. I am “very liberal,” believes Facebook. If you know me, you are probably not surprised by that. However,…