Gizmodo has decreed that today, February 1st, is “Change Your Password” day. I wholeheartedly agree, especially if you re-used passwords (which you shouldn’t!). In fact, I’d go further: change your password, and start using a password manager. Did I changed my passwords today? I did not, because I used said password manager. I don’t reuse… Continue reading Passwords, Authentication, and Privilege
Category: Security
Zappos Data Breach
Zappos.com recently had a data breach. As data breaches go, it was not nearly as bad as it could has been: no full credit card numbers leaked, nor any plaintext passwords. What makes it special, then? It’s somewhat special to me, since it is, to my knowledge, the first time that I have been part… Continue reading Zappos Data Breach
IT Security Survey
I’m currently working on my MSST Capstone project, which is going to focus on IT security in small organizations and small businesses. If you work in a small business, especially if you have an IT role, please fill out a short survey I’ve put together. It’s 36 questions, mainly yes or no, so it shouldn’t… Continue reading IT Security Survey
New GnuPG key
My GnuPG key was set to expire at the end of this year, so I created a new one. The key is located here. In the extremely unlikely event you need to email me something securely, use this! I’m a big fan of crypto and secure email. Too bad I so rarely have need to… Continue reading New GnuPG key
Google Two-Factor Authentication
Google has recently enabled two-factor authentication for Google products like Gmail. What is two-factor authentication? It means that in addition to providing your password, you need to provide a random verification number that Google will send to your phone, either via an app, a text message, or an actual phone call. Thus, to log in,… Continue reading Google Two-Factor Authentication
Useful Computer Utilities: KeePass
Some time ago I blogged about the password manager I had been using for many years: Password Safe. It’s a great program, one that I recommend wholeheartedly. However, I’ve since switched to a new manager: KeePass. Like Password Safe, it is a pretty functional password manager that allows you to automatically generate and save passwords.… Continue reading Useful Computer Utilities: KeePass
National Internet ID: A Bad Idea
The Obama administration is talking about creating a unique “Internet ID” for web users in the U.S. Commerce Secretary Gary Locke is quick to say it isn’t a national ID card, or even a government-controlled system, but private creation of “trusted digital identities”. Although there are plenty of times where the need for a trusted… Continue reading National Internet ID: A Bad Idea
My 7 seconds of fame on CNN
CNN did a story on the Masters of Science in Security Technologies (MSST) program I’m enrolled in at the U. The story can be found here. I’m in the story for a few seconds of talking and clicking around on my computer at work (I’m clicking on the database app I created, not Solitaire). Except… Continue reading My 7 seconds of fame on CNN
Toyota and data privacy
Why am I so interested in issues of data privacy and data security? I think this story about “black boxes” in Toyota cars illustrates it well. In short, Toyota cars have airplane-like black boxes in many of their cars that can track data like speed, whether the airbags deployed, and so forth. However, the data… Continue reading Toyota and data privacy