Blog

The terrible attacks in Paris last night remind us that evil is part of the world that we live in. Events of this sort always bring to mind the concern about stopping the next attack by terrorists. Fortunately, mounting a large attack of this sort requires...

For much of the last 20 years we have used an incredible software-defined radio to search for eavesdropping devices. It was made by the famous Watkins-Johnson company. Aside from great performance this radio had the mystique of being used by spooks. It was a standard...

For years the differences between US and other countries laws have been resolved by agreements which respect both sides concerns. With regard to data transmission, e.g., personnel records within an international company, Safe Harbour rules are often defined. They allow companies from other countries to...

Kidnapping always makes interesting news. Having just returned from an international business trip, the article "What Companies Should Do if an Employee Is Kidnapped" in yesterday's Wall Street Journal caught my attention. The author, Nicholas Elliott, provides a checklist for countries where kidnappings are common: Don't...

In the last 20 years PDF (portable document format) files have become a standard for data interchange. Adobe Acrobat or Reader are the common programs that are used to open these files. When they are opened, mysterious contents can include bad stuff (malware). Since 2001 PDF...

For a while we have heard of really clever hacks. Things like USB memory devices that can implant bad stuff on our computers. Here's a just-discovered scary one. Lenovo is apparently shipping their computers with a permanent back door giving them control over the machine...

Some computer security news is painful. Here's one about EMET that is good news. Microsoft has an add-on called the Enhanced Mitigation Experience Toolkit. It really does increase the difficulty for intruders to exploit Windows. I have used it since it was first announced and recommend...

Today I enjoyed the opportunity to be one of the instructors in a ASIS CPP certification program. My topic was information security in the face of today's risks. The big change in computer network defense is today's axiom, "The attackers are already inside my networks". Firewalls...

We all receive waves of unsolicited (and downright yucky) emails coming in from time to time...

There's nothing that can get your attention like an immediate death threat. Sometimes they seem random, like that aircraft crash that is moments away. Others are really personal like a guy with a gun pointed at you. Having survived these and a few others I...