Thinking About Mobile Security [securitytheater.phoneboy.com]
Mobile devices are, like any powerful tool, a double edged sword. They enable unprecedented ability to access and create information from anywhere! The potential for data leakage is substantial!
Check Point: R75.20, SecurityPower, and New Appliances [securitytheater.phoneboy.com]
By now I'm sure you've seen, heard, or read Check Point's official announcements made at NASDAQ this morning. This is by no means a regurgitation of the official press releases, but it is my own pers…
Securing Mobile Devices May Be Impossible [securitytheater.phoneboy.com]
From via Securing Mobile Devices May Be an Impossible Task: Thats a quick and easy way to get access to user data and sensitive information. There's not much you can do about it, either.
3D Security Analysis Report: Home Edition [securitytheater.phoneboy.com]
If you're a (potential) Check Point customer, you've likely heard of our 3D Security Analysis Report. I let it it run for a day or so to collect traffic. There were a couple of surprises here.
Parking Lots and PCI Compliance [securitytheater.phoneboy.com]
Like many things in Computer/Network Security, I've learned many things as a result of my job. Many parking lots, especially in big cities like Seattle, are self-service. In plain sight.
Denial of Service: An Old Classic Not Going Anywhere [securitytheater.phoneboy.com]
The implementation details will vary depending on the attack target and the request type, but the basic concept of a denial of service is to overwhelm a target with a seemingly legitimate series of r…
Trust No One? [securitytheater.phoneboy.com]
Trust. It's something I'm sure many security professionals think about in various contexts. There's an insane amount of things we simply trust without really thinking about it. This includes:
Unsafe At Any Version? [securitytheater.phoneboy.com]
It's funny, every time I read about yet another security vulnerability in Internet Explorer, such as the recent one involving Adobe Flash hosted on the Council of Foreign Relations website that perfo…
In Information Security, Trust Matters [securitytheater.phoneboy.com]
In a previous post, I asked if we could trust no one in Information Security. The reality is that, at some point, we have to trust. We have to trust that we have the right policy in place.
How to Catch People Outsourcing Their Own Jobs [securitytheater.phoneboy.com]
I've heard of companies outsourcing jobs to China. I used to joke with my remote co-workers that I had been replaced by a Perl script. That's how "Bob" was able to get away with this for months!