When Security is Bad for Security

Posted on Tuesday September 21 2010 by hell if i know

Copyright © What The Hell? Security There are 3 kinds of security in business:  Good security, acceptable security and bad security. Good security is the kind that works for the business and for the people who work in it.  It aligns with universally known objectives, and is communicated in a way that motivates people to [...]

Filed under: fraud, security, security sense, security soapbox | Leave a Comment »

The 9 Laws of Phishing (Part 2)

Posted on Wednesday April 28 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] (continued) Picking up at Law 9 of my 9 Laws of Phishing manifesto: 9. The solution is a platform. So why a platform?  Because the phishing problem itself spans a number of platforms:  devices, operating systems, and applications to name [...]

Filed under: certificate authorities, hypertext, phishing, security, security soapbox, ssl | Leave a Comment »

The 9 Laws of Phishing

Posted on Monday April 5 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] What the hell is it about phishing that makes it seem so intractable? First off, let’s talk intractable.  An uncontrollable or incurable problem. Computational complexity theory adds a convenient twist: A problem that can be solved, only not fast enough [...]

Filed under: certificate authorities, hypertext, phishing, security, security soapbox, ssl | Leave a Comment »

GOTO Website Considered Harmful

Posted on Tuesday March 16 2010 by hell if i know

Copyright © What The Hell? Security You wanna know the biggest problem with the Web? Browsers. I actually don’t mean the fact that every browser I’ve encountered is a steaming pile. But now that I’ve brought it up, let’s talk about that too. Sure, some browsers steam less than others.  But be honest.  Browsers have [...]

Filed under: security, security soapbox | Leave a Comment »

Security and the Unforeseen Use Case

Posted on Monday March 15 2010 by hell if i know

Copyright © What The Hell? Security Paul Vixie, venerable champion of DNS, writes a brilliant piece titled What DNS Is Not. Vixie understands what most people don’t, or if they do, they’re too damn quiet about it. When you take a solution to one problem, and apply it against a different problem, you can create [...]

Filed under: security, security sense, security soapbox | 2 Comments »

Bit.ly Fantasizes of Combating Twitter Scams

Posted on Tuesday December 8 2009 by hell if i know

Copyright © 2009 What The Hell? Security If you believe that Bit.ly is going to solve their shortened URL problem the way they intend to, have I got a story for you. [Sidebar:  Be aware that it's completely safe to click on the links in the previous paragraph.  If you don't believe me, select View [...]

Filed under: fraud, hypertext, phishing, security, security soapbox | Leave a Comment »

Next Page »
Follow

Get every new post delivered to your Inbox.