Can’t we fix injection already? It’s been nearly four years since the most recent iteration of the OWASP Top 10 came out — that’s June 12, 2013. The OWASP Top 10 are the most critical web application security flaws, as determined by a large group of experts. The list doesn’t change much, or change often, because […]
To our delight this morning, our new Blue Passion vines had their first flowers. Passiflora caerulea is an amazing plant. It grows these colorful and complex flowers, which only last about one day, but there’s a long array of buds in various stages of development, so we’ll have blooms nearly every day for months. The Gulf Fritillary butterfly common […]
“Call with Alan.” That’s what the calendar event says, with a bridge line as the meeting location. That’s it. For the individual who sent me that invitation, that’s a meaningful description, I guess. For me… worthless! This meeting was apparently sent out (and I agreed to attend) at least three weeks ago. I have no recollection […]
The word went out Wednesday, March 22, spreading from techie to techie. “Better change your iCloud password, and change it fast.” What’s going on? According to ZDNet, “Hackers are demanding Apple pay a ransom in bitcoin or they’ll blow the lid off millions of iCloud account credentials.” A hacker group claims to have access to […]
We received this realistic-looking email today claiming to be from a payment company called FrontStream. If you click the links, it tries to get you to active an account and provide bank details. However… We never requested an account from this company. Therefore, we label it phishing — and an attempt to defraud. If you […]
The U.S. and U.K. are banning larger electronic items, like tablets, notebooks and DLSRs, from being carried onboard flights from a small number of countries. If that ban spreads to include more international or even domestic flights, this will result in several nasty consequences: 1. Business travelers may be unable to bring computers on trips […]
Today’s calculation device is this lovely vintage HP-28S “advanced scientific” calculator from the late 1980s. As a working calculator, it’s not my favorite. HP gets points for creativity, but the clamshell design makes for an awkward user experience. I’m finding it frustrating to use because each line on the display is hard to read, there […]
Let’s talk about the practical application of artificial intelligence to cybersecurity. Or rather, let’s read about it. My friend Sean Martin has written a three-part series on the topic for ITSP Magazine, exploring AI, machine learning, and other related topics. I provided review and commentary into the series. The first part, “It’s a Marketing Mess! Artificial […]
Was the Russian government behind the 2004 theft of data on about 500 million Yahoo subscribers? The U.S. Justice Department thinks so: It accused two Russian intelligence officers of directing the hacking efforts, and also named two hackers as being part of the conspiracy to steal the data. According to Mary B. McCord, Acting Assistant […]
Let’s take a chainsaw to content-free buzzwords favored by technology marketers and public relations professionals. Or even better, let’s applaud one PR agency’s campaign to do just that. Houston PR, based in the UK, has a fun website called “Buzzsaw” which removes those empty phrases from text, such as press releases. Says the agency: This […]
As many of you know, I am co-founder and part owner of BZ Media LLC. Yes, I’m the “Z” of BZ Media. Here is exciting news released today about one of our flagship events, InterDrone. MELVILLE, N.Y., March 13, 2017 — BZ Media LLC announced today that InterDrone™ The International Drone Conference & Exposition has been […]
To absolutely nobody’s surprise, the U.S. Central Intelligence Agency can spy on mobile phones. That includes Android and iPhone, and also monitor the microphones on smart home devices like televisions. This week’s disclosure of CIA programs by WikiLeaks has been billed as the largest-ever publication of confidential documents from the American spy agency. The document […]
“You walked 713 steps today. Good news is the sky’s the limit!” Thank you, Pebble, for that encouragement yesterday. The problem with fitness apps in smartwatches is that you have to wear the watch for them to work. When I am at home, I never wear a watch. Since I work from home, that means that I usually […]
Cybercriminals want your credentials and your employees’ credentials. When those hackers succeed in stealing that information, it can be bad for individuals – and even worse for corporations and other organizations. This is a scourge that’s bad, and it will remain bad. Credentials come in two types. There are personal credentials, such as the login […]
Apple isn’t as friendly or as as communicative as one would think. Earlier today, I received a panic call from someone trying to sync videos to her iPad from a Mac – and receiving a message that there was no suitable application on the iPad. Huh? That made no sense. The app for playing locally stored […]
What’s the Snapchat appeal? For now, it’s a red-hot initial public offering and the promise of more public offerings to come, after a period of slow tech movement on Wall Street. The Snapchat social-media service is perplexing to nearly anyone born before 1990, myself included. That didn’t stop its debut on the New York Stock […]
If Amazon can deliver packages by drone, then fast-food restaurants like Chick-Fil-A can air-lift chicken sandwiches via hot-air balloon. Right? At least, that’s the best explanation for this sighting in my Phoenix neighborhood. Of course, what I really want is a Dunkin’ Donuts food truck going up my street. Like the old-fashioned ice cream vans. Though […]
Nothing you share on the Internet is guaranteed to be private to you and your intended recipient(s). Not on Twitter, not on Facebook, not on Google+, not using Slack or HipChat or WhatsApp, not in closed social-media groups, not via password-protected blogs, not via text message, not via email. Yes, there are “privacy settings” on […]
I can’t trust the Internet of Things. Neither can you. There are too many players and too many suppliers of the technology that can introduce vulnerabilities in our homes, our networks – or elsewhere. It’s dangerous, my friends. Quite dangerous. In fact, it can be thought of as a sort of Fifth Column, but not […]
You keep reading the same three names over and over again. Amazon Web Services. Google Cloud Platform. Microsoft Windows Azure. For the past several years, that’s been the top tier, with a wide gap between them and everyone else. Well, there’s a fourth player, the IBM cloud, with their SoftLayer acquisition. But still, it’s AWS […]
Modern medical devices increasingly leverage microprocessors and embedded software, as well as sophisticated communications connections, for life-saving functionality. Insulin pumps, for example, rely on a battery, pump mechanism, microprocessor, sensors, and embedded software. Pacemakers and cardiac monitors also contain batteries, sensors, and software. Many devices also have WiFi- or Bluetooth-based communications capabilities. Even hospital rooms […]
Think about alarm systems in cars. By default, many automobiles don’t come with an alarm system installed from the factory. That was for three main reasons: It lowered the base sticker price on the car; created a lucrative up-sell opportunity; and allowed for variations on alarms to suit local regulations. My old 2004 BMW 3-series […]
Cloud-based firewalls come in two delicious flavors: vanilla and strawberry. Both flavors are software that checks incoming and outgoing packets to filter against access policies and block malicious traffic. Yet they are also quite different. Think of them as two essential network security tools: Both are designed to protect you, your network, and your real […]
What’s the biggest tool in the security industry’s toolkit? The patent application. Security thrives on innovation, and always has, because throughout recorded history, the bad guys have always had the good guys at the disadvantage. The only way to respond is to fight back smarter. Sadly, fighting back smarter isn’t always the case. At least, […]
Everyone has received those crude emails claiming to be from your bank’s “Secuirty Team” that tells you that you need to click a link to “reset you account password.” It’s pretty easy to spot those emails, with all the misspellings, the terrible formatting, and the bizarre “reply to” email addresses at domains halfway around the […]
What’s on the industry’s mind? Security and mobility are front-and-center of the cerebral cortex, as two of the year’s most important events prepare to kick off. The Security Story At the RSA Conference 2017 (February 13-17 in San Francisco), expect to see the best of the security industry, from solutions providers to technology firms to analysts. RSA […]
Want to open up your eyes, expand your horizons, and learn from really smart people? Attend a conference or trade show. Get out there. Meet people. Have conversations. Network. Be inspired by keynotes. Take notes in classes that are delivering great material, and walk out of boring sessions and find something better. I wrote an […]
It was our first-ever perp walk! My wife and I were on the way home from a quick grocery errand, and we were witnesses to and first responders to a nasty car crash. A car ran a red light and hit a turning vehicle head-on. As we pulled over to see if there were injuries, the […]
The best way to have a butt-kicking cloud-native application is to write one from scratch. Leverage the languages, APIs, and architecture of the chosen cloud platform before exploiting its databases, analytics engines, and storage. As I wrote for Ars Technica, this will allow you to take advantage of the wealth of resources offered by companies […]
Las Vegas, January 2017 — “Alexa, secure the enterprise against ransomware.” Artificial intelligence is making tremendous headway, as seen at this year’s huge Consumer Electronics Show (CES). We’re seeing advances that leverage AI in everything from speech recognition to the Internet of Things (IoT) to robotics to home entertainment. Not sure what type of music […]