Cartoon
Found it at Bruce Schneier's blog. It really is a hilarious example of Cover Your Ass (CYA) Security.
Friday, May 18, 2007
Saturday, May 12, 2007
Schneier: Is Big Brother a Big Deal?
Is Big Brother a Big Deal?
From the article:
Big Brother isn't what he used to be. George Orwell extrapolated his totalitarian state from the 1940s. Today's information society looks nothing like Orwell's world, and watching and intimidating a population today isn't anything like what Winston Smith experienced.
From the article:
Big Brother isn't what he used to be. George Orwell extrapolated his totalitarian state from the 1940s. Today's information society looks nothing like Orwell's world, and watching and intimidating a population today isn't anything like what Winston Smith experienced.
Wednesday, May 09, 2007
When you think you know what you don't know...
I was attending a Legal Issues on E-Commerce lecture yesterday and I was amazed by the superficial knowledge of the audience on security matters. Being totally ignorant is something I understand, since they may have never had the chance to learn about it, but believing you know about it when you don't is absolutely disappointing.
So we were talking about digital signatures on e-mails and online transactions in general and a guy claimed that when you apply for an e-mail address and give out your name and address, it is the provider's obligation to verify that info and therefore when you get a mail from someone you really should trust its source (yeap, the "From:" field). Can you believe it?
OK, maybe he has never heard of spoofing an e-mail address or taking over ones account but how can he be so sure of the facts to argue that an electronic message coming through a "known and well-respected" provider's network is something you can trust?
Anyhow, here are some Wikipedia links concerning Digital Signatures, Electronic Signatures (totally different object) and Public-Key Certificates.
So we were talking about digital signatures on e-mails and online transactions in general and a guy claimed that when you apply for an e-mail address and give out your name and address, it is the provider's obligation to verify that info and therefore when you get a mail from someone you really should trust its source (yeap, the "From:" field). Can you believe it?
OK, maybe he has never heard of spoofing an e-mail address or taking over ones account but how can he be so sure of the facts to argue that an electronic message coming through a "known and well-respected" provider's network is something you can trust?
Anyhow, here are some Wikipedia links concerning Digital Signatures, Electronic Signatures (totally different object) and Public-Key Certificates.
Subscribe to:
Posts (Atom)
