When Security is Bad for Security

Posted on Tuesday September 21 2010 by hell if i know

Copyright © What The Hell? Security There are 3 kinds of security in business:  Good security, acceptable security and bad security. Good security is the kind that works for the business and for the people who work in it.  It aligns with universally known objectives, and is communicated in a way that motivates people to [...]

Filed under: fraud, security, security sense, security soapbox | Leave a Comment »

FTC to Twitter: “Do Not Be Concerned About Security”

Posted on Wednesday July 28 2010 by hell if i know

Copyright © What The Hell? Security [For context see "The FTC's Bitter-Tweet Victory over Twitter"] The Federal Trade Commission today issued a clarifying statement regarding its recently announced ruling that Twitter had not lived up to its promise of years past to protect consumers’ personal information. “The FTC wishes to reiterate our ruling that Twitter [...]

Filed under: security, security humor, security sense | Leave a Comment »

The FTC’s Bitter-Tweet Victory over Twitter

Posted on Monday July 26 2010 by hell if i know

Copyright © What The Hell? Security Few security happenings leave me speechless. The FTC’s insanely aggressive settlement over Twitter’s 2009 privacy gaffes practically yanked my tongue clear out of my mouth. First off, let’s be honest with ourselves for a minute. This is Twitter we’re talking about. Twitter isn’t a bank. It isn’t a medical institution. [...]

Filed under: security, security sense | Leave a Comment »

The 9 Laws of Phishing (Part 3)

Posted on Sunday June 27 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] (continued ) The 9 Laws tell us quite a bit about designing a viable platform solution.  Let’s step through them again, sketching as we go. Law 1:  Phishing Is About Commerce Web 1.0 was all about commerce.  Only we [...]

Filed under: certificate authorities, hypertext, malware, phishing, security, security sense | Leave a Comment »

Security and the Unforeseen Use Case

Posted on Monday March 15 2010 by hell if i know

Copyright © What The Hell? Security Paul Vixie, venerable champion of DNS, writes a brilliant piece titled What DNS Is Not. Vixie understands what most people don’t, or if they do, they’re too damn quiet about it. When you take a solution to one problem, and apply it against a different problem, you can create [...]

Filed under: security, security sense, security soapbox | 2 Comments »

Man Awakens From Phishing-Induced Coma

Posted on Wednesday March 10 2010 by hell if i know

Copyright © 2010 What The Hell? Security San Francisco, Calif. — A man who spent the last 9 years in a phishing-induced coma awoke today — only to relapse  minutes later upon learning that absolutely no progress had been made on the anti-phishing scene since 2001. In an exclusive interview held at Sanford Wallace Memorial [...]

Filed under: phishing, security, security humor, security sense | 1 Comment »

Next Page »
Follow

Get every new post delivered to your Inbox.