The bad guys will use BitLocker, too

Got an email today from a customer asking about how BitLocker will affect the ability of law enforcement to conduct forensic analysis of a protected hard drive. Specifically, the person was asking about any back doors that law enforcement could use to bypass the encryption. The answer is very simple, and I’m sure not what…

14

TechNet: Exploring the Windows Vista Firewall

New article up… Back in the days of the paleocomputing era, no one ever thought about installing firewalls on individual computers. Who needed to? Hardly anyone had heard of the Internet, TCP/IP was nowhere in sight, and LAN protocols didn’t route beyond your building or campus. Important data lived on the mainframe or file servers—the…

1

America, wake up: stop being "security sheep"

OK, I need to complain a bit here. Yesterday I went to Best Buy to get a new digital camera. I already knew which one I wanted, so I found a sales guy, pointed to the display unit, and said, “I’d like one of these.” “Sure,” he replied. He found the keys, unlocked the cabinet, pulled…

18

Mythbusters beat "unbreakable" fingerprint door lock

My good friend Jamie Sharp sent me this link today. It’s amazing: watch how Adam and Jamie easily defeat a fingerprint lock the manufacturer claims has never been broken. As if to snub the claims, they break it three times! Supposedly it monitors pulse, sweat, temperature, and other attributes. First, Adam obtains an impression of…

13

File under: "You've got to be kidding!"

Today I upgraded the brain on my i-mate K-JAM. Which, of course, requires a hard reset, meaning that I get to spend a relaxing day re-installing and configuring all my applications. Usually when I do this (too frequently, it seems) I browse around for new and improved software. While perusing www.pocketgear.com for updated travel-related software, I stumbled…

3

New site at the top of my favorites list

You know, stupid security abounds. I just discovered this site today, and I plan to become a regular visitor — and probably a contributor, too! I encourage you to explore it and enjoy. Oh, some advice: it probably would be unwise to read an offline archived version of this site on an airplane. 🙂 Stupid…

4

The Internet routes around outages -- and censorship, too

Have you seen this yet? “Grokster ruling begins the good fight” If you haven’t, it’s worth your time to read — it’s a terrible shibboleth for a U.S. “national firewall.” Coursey is promoting the idea that all U.S. Internet access should pass through a firewall that will block file-sharing and gambling sites. Since most of these sites…

3

Cluelessness abounds

So yesterday I received a rather interesting email. Subject: “INFOSEC Scholarships & Fellowships for PhD or MS + Free CISSP Exam Prep Events.” Hm, I didn’t know that “information security” suddenly became an all-caps acronym. How come no one asks me first about these things? Anyway, it purports to come from the University of Fairfax,…

2

Lousy security

Lousy security is all around us, and I’m not even thinking about airport security here (which, I admit, i love griping about). Here I have in mind lousy computer security. And lest you think I’m proceeding to engage in naval-gazing introspection, no — I’m not going to write about our own products. Jesper already wrote up his impressions…

2

Airport security silliness

So today (Thursday 21 July 2005) I flew from Seattle to Dallas for a customer meeting. Since it’s a short one-day affair, I packed my small carry-on size suitcase. In it was a pair of shoes, one pants, one shorts, two shirts, a toiletry bag, and my collection of wall warts (AC adpaters). Seems normal, so…

5