What The Hell? Security is All Thumbs!

Posted on Tuesday September 29 2009 by hell if i know

Copyright © 2009 What The Hell? Security Here’s a perspective on security that always nets the biggest win:  Don’t objectify it. If you’re looking for five digits, odds are you really want a hand. Security, forever the opposable thumb, is indeed separable from the hand of reliability.  (It’s also what distinguishes our software from that [...]

Filed under: security, security soapbox | 1 Comment »

What The Hell? The Web Isn’t Supposed To Be Secure!

Posted on Monday September 28 2009 by hell if i know

Copyright © 2009 What The Hell? Security There’s a really good reason that Web security is such a pain. It’s not supposed to be secure. Sorry to break it to you, but hypertext was thirty years old before we decided to use the Web as a platform for commerce.  That’s, what, three years longer than [...]

Filed under: fraud, hypertext, malware, phishing, security | Leave a Comment »

What The Hell? 8 Skills of the Hellacious CISO

Posted on Monday September 28 2009 by hell if i know

Copyright © 2009 What The Hell? Security CISOs, let’s face it, are a dry breed.  But some really know how to raise hell.  In a good way.  Here are eight skills to, ahem, emulate. 1. Abate – The bad rep security has among people who like to deliver projects on time. 2. Automate – In-house.  [...]

Filed under: security, security sense, security soapbox | Leave a Comment »

What The Hell? Checkout Is The Last Place To Instill Trust!

Posted on Tuesday September 15 2009 by hell if i know

Copyright © 2009 What The Hell? Security There’s a belief among CAs (ok, VeriSign) that a merchant can minimize the number of abandoned carts — presumably by promoting them to orders — by introducing trust symbols at checkout.  Symbols like the green bar and VeriSign’s logo.  Balderdash. Checkout is the last place to do it. [...]

Filed under: certificate authorities, fraud, security, ssl | 1 Comment »

Follow

Get every new post delivered to your Inbox.