Category: online security

WordPress wants sites to eat their (patching) vegetables

Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…

Continue Reading

Good privacy advice from the US DoD

The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…

Continue Reading

Bad biometrics: Samsung’s new S10 phone

When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of assurance for most types of…

Continue Reading

Time to end the cloud-o-phobia

Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye in horror/dismay/astonishment when I read…

Continue Reading

Security risks from domain typo squatters

One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…

Continue Reading

Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other…

Continue Reading

The war we try to ignore

As information security professionals, our goal is to protect information against attacks on confidentiality, integrity and availability. Today, I want to talk about integrity of…

Continue Reading

Even with security flaws, you should be using a password manager

Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious vulnerabilities in some of the…

Continue Reading

Things to worry about in 2019

In this post, I wanted to take a break from telling you what *I* think the things that should keep you awake at night (at…

Continue Reading

What does your password say about you?

Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and all of its attendant miseries. …

Continue Reading