The InfoSec Blog

System Integrity: Context Is Everything

Category: Crime

February 18, 2016

Purpose unclear. Why are the FBI *really* trying to subvert encryption?

Tim Cook says Apple will fight a federal order to help the FBI hack an iPhone. An earlier version of this page has…

December 30, 2013

Former Head Of Airport Security: ‘The TSA Couldn’t Save You From

http://www.businessinsider.com/problems-with-tsa-2013-12 Based on the demonstrated persistence of their enemies, I have a lot of respect for what Israeli security achieves. Back to Verb vs…

November 2, 2013

Canada’s counter terrorism strategy

https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/trrrst-thrt-cnd/index-eng.aspx Here in Kanukistaniland, Vic Toews (remember him? Check back to February of last year to see an example of him being idiotic in…

August 31, 2013

On ‘paranoia’ – revisiting “Paid to be paranoid”

My fellow CISSP and author Walter Jon Williams observed that Paranoia is not a part of any mindset. It is an illness. Ah, Walter…

September 14, 2012

Learning to Counter Threats – Skills or Ethics?

Fellow CISSP Cragin Shelton made this very pertinent observation and gave me permission to quote him. The long thread about the appropriateness of learning…

August 8, 2012

A cautionary tale about the dangers of keeping everything in the Cloud

http://www.brisbanetimes.com.au/digital-life/consumer-security/apple-cloud-burst-how-hacker-wiped-mats-life-20120806-23orv.html “Once the hacker gained access to Honan’s iCloud account, he or she was able to reset his password, before sending the confirmation email…

August 8, 2012

Identity Management in the extreme!

http://www.abcactionnews.com/dpp/news/region_pasco/fantasy-or-criminal-mind-police-find-stash-of-fake-ids-and-uniforms Investigators say Antigua tried to pass himself off as an Air Force veteran, a member of NASA’s Space Shuttle crew, even a doctor…

April 5, 2012

An OP-ED by Richard Clarke on China

http://www.nytimes.com/2012/04/03/opinion/how-china-steals-our-secrets.html This is better written than most ‘chicken little’ pieces, but please can we have ‘history’ of how most nations, including the USA, have…

March 6, 2012

Naval War College uses Russian software for iPad course material

http://www.nextgov.com/nextgov/ng_20120305_6368.php The Navy’s premier institution for developing senior strategic and operational leaders started issuing students Apple iPad tablet computers equipped with GoodReader software in…

February 10, 2012

Please Realize That Piracy is a Service Problem.

http://www.forbes.com/sites/insertcoin/2012/02/03/you-will-never-kill-piracy-and-piracy-will-never-kill-you/ The full article is a bit wordy, and manages to avoid lecturing about how the media industry failed at “service” when it came…

January 25, 2012

“Cybercrime” is still Crime and “Cyberfraud” is still Fraud

http://www.techsecuritytoday.com/index.php/our-contributors/michael-vizard/entry/lifting-the-veil-on-cybercrime This says it all: At the end of the day, cybercriminal activity is not all that different from more traditional forms of organized…

November 30, 2011

Doubts about “Defense in Depth”

So to have great (subjective) protection your layered protection and controls have to be “bubbled” as opposed to linear (to slow down or impede…

September 8, 2011

Warning – they are out to get you.

McAfee has released a new study on malware in cars: http://www.mcafee.com/autoreport Now you may think that this is scaremongering on the part of McAfee…

August 9, 2011

His Bipolar made him do it

http://compliancesearch.com/compliancex/current-affairs/his-bipolar-made-him-do-it/ An accused hedge fund fraudster’s mother is showing support, by claiming her son is not to blame for defrauding investors out of over…

July 1, 2011

Sony backs U.S. ineffective cybersecurity legislation

http://www.vancouversun.com/news/Sony+backs+cybersecurity+legislation/5030033/story.html “If nothing else, perhaps the frequency, audacity and harmfulness of these attacks will help encourage Congress to enact new legislation to make the…

June 28, 2011

A large scale failure of information security

http://www.informationweek.com/news/security/attacks/231000472 Does LulzSec’s nonstop hacking campaign, and apparent success at taking down everyone from Sony to the U.S. Senate, point to fundamental flaws in…

January 6, 2011

Risk due to network administrators

Someone on a forum I subscribe to suggested that there is a major risk of network administrators misusing their privileges. Why admins rather than…

December 14, 2010

Cell phone risks

I hope somebody’s thinking seriously about the implications of this: http://www.theregister.co.uk/2010/12/14/us_army_smartphones_4_all/ Israel has already seen some consequences of…

March 5, 2010

White House Cyber Czar: ‘There Is No Cyberwar’

Thank you Howard! This has long needed to be said by someone in authority! Yes, crime and espionage will cripple us all economically. We…

February 28, 2010

The FBI risk equation

It seems that to make better cybersecurity-related decisions a senior FBI official recommends considering a simple algebraic equation: risk = threat x vulnerability x…
