Although I am not “certified” security professional, security and privacy concerns are something I am regularly engaged in and have to address with clients regularly. I often hear “I have nothing to hide” or “I’m not very interesting”. Both of those things may feel true to you as you say them, but they’re not actually […]
Cindy Cohn, Executive Director of the Electronic Frontier Foundation; September 24, 2019 Technology should empower you. It should put you in control. You should not feel used by the company that provides it to you. And if you’re a builder of technologies, we believe you should always carry the responsibility to empower your users. Ultimately […]
A note from Keith: We will not be working on Sep 27. We’ll be taking part in the global climate strike. I understand that this may be inconvenient if you are working that day–if you have a bonafide emergency (i.e. there are health risks or serious money is being lost) you can contact me on […]
An important aspect of privacy is the right to not know what we don’t want to know. This, coupled with the right to protect our private data whether we know or understand the risks are critical to keeping ourselves from simply being “owned” by big data collectors like tech giants, insurance companies or even the […]
A client confessed to me yesterday that one of their key login passwords is “password.” I was dumbfounded. I sometimes forget, because I’ve been talking about security with clients for so long, that the most basic password management remains a widespread problem. “I don’t have anything very important”, “I’m not interesting”, or “I don’t have […]
Start with an ill-defined problem or hope. Don’t bother spending time clearly outlining the issues you are trying to address. Surely it’s enough to say we have a problem.
Better yet, let your vendor define the problem for you in terms that fit their solution.
Everyone is buzzing this week about cameras and fridges sending spam. If you’re just hearing this now, you can catch up the sensational version or find more technical details here. Should you freak out? No. However, it is concerning. It shows that manufacturers and users haven’t learned very much. The most likely cause of this […]
I was reading an article today that put some numbers to a problem I’ve been aware of for some time: inappropriate data transfers to personal equipment. While the basic story was not news to me (or many other security professionals I’m sure), it was interesting to see some numbers put to the scale of the […]