Mythbusters beat "unbreakable" fingerprint door lock

My good friend Jamie Sharp sent me this link today. It’s amazing: watch how Adam and Jamie easily defeat a fingerprint lock the manufacturer claims has never been broken. As if to snub the claims, they break it three times! Supposedly it monitors pulse, sweat, temperature, and other attributes. First, Adam obtains an impression of…

13

Yes, everyone knows you're a dog

Amazing how long the legs are on the AOL search debacle. Of course, we in the online community often beat such storeis to death, if only because they deserve it! Recently Kim Cameron posted the search history of user 16006693, which flits “from politics, to retirement, to politics, to religion, to sex, quickly back to religion…

2

Security myths and passwords

I like this a lot. http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/ In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology…

3

What do YOU need out of two-factor authentication?

Two-factor authentication continues to grow in popularity and emerge as a security requirement for many people I meet with. At Microsoft, we use smartcards internally for VPN access right now; soon we’ll be requiring smartcards for domain logon, too. We are also looking at ways to require two-factor authentication for web-based services, like Outlook Web Access, published…

41

It's me, and here's my proof: why identity and authentication must remain distinct

My February Security Management column is posted: http://www.microsoft.com/technet/community/columns/secmgmt/sm0206.mspx No matter what kinds of technological or procedural advancements occur, certain principles of computer science will remain — especially those concerning information security. I’ve noticed lately that, among all the competing claims of security vendors that their latest shiny box will solve all your security woes, a…

7

New column -- Using IPsec for network protection

I’m now writing semi-regular articles for TechNet. These are part of the security management series, and they’re also linked from the security newsletter.   The first column is a two-parter about IPsec. Part 1 describes the technology: how it operates, its various modes and methods, a bit on IKE, and how it works over NAT.   http://www.microsoft.com/technet/community/columns/secmgmt/sm121504.mspx…

6