For better or for worse, we presently rely very heavily on username/password combinations to identify ourselves to computers and other devices in our daily lives. Many — perhaps most — of these password management techniques are flawed, despite the fact that they show up in many so-called Best Practices guides. Although we should be moving rapidly toward 2-factor authentication, this note examines the problems with passwords as they exist today.
Last night I went along with friends to dinner at the Gozanbou teppanyaki restaurant on the top floor of the Kyoto Granvia Hotel. I was gobsmacked at the high quality of the food, the surroundings, and, indeed, the entire experience. What a treat! The evening started with garlic, and lots of it. Frankly, I think [...]
In July, I gave a keynote speech at the 2009 annual conference of the Forum of Incident Response and Security Teams (FIRST) in Kyoto, Japan, that focused on the communications barrier facing computer security incident response professionals in their cross-cultural dealings with their Asian counterparts. This was the first and, thus far, only time I’ve [...]
I gave a keynote speech at the 2009 annual conference of the Forum of Incident Response and Security Teams (FIRST) in Kyoto, Japan, that talked about my observations of Japanese business operations, highlighting the differences that become barriers to communication. This morning, I had the privilege of seeing a write-up of the talk in IT [...]
Although I’ve spent the past several years of my professional life being involved in information security policy and management, my first love is still computer operating system security. In this field there’s a fair amount of special terminology, and one of these special terms is “protection rings”, which is a way of saying that, for [...]
