How to Maliciously Hack Anything

September 15, 2011

The Microsoft Security Center has this excellent article listing their “10 Immutable Laws of Security” (read it thoroughly): If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore. If a bad guy can alter the operating system on your computer, it’s not your computer anymore. If […]


Why Single Identity for Authentication is an Impossible Dream

September 6, 2011

Jeff Atwood once again points us to the Internet nightmare of maintaining several passwords for logging into so many different websites. Every time you touch a website that actually cares who the heck you are — and this is an increasingly large list of sites as the web matures — you have to, sigh, “log […]


Common Passwords

January 4, 2011

The Wall Street Journal recently posted the top 50 passwords leaked from the Gawker website. Some of them are funny, including “trustno1”, which for some reason meant trusting Gawker with one’s username and password. Jeff Atwood had a good analysis about what one could learn from the hack. I mostly agree with it, but would […]
