Category: Privacy Subcategory: information
...
This feed is provided by, the responsiblity of the provider. Click the link above for complete information.
Last Update: Sat Sep 30 07:24:28 2006 | | + The Challenge of Man-in-the-Middle Attacks +
Since the Citibank man-in-the-middle attack , the awareness and concern around this issue has increased substantially as it [...] that can thwart such attacks. These include: 1. Employing challenge-and-response authentication methods with sufficient en |
| + The Carrot and the Stick and the Baseball Bat +
The VA stolen laptop case is a great example of what’s wrong with just having a “stick”. As discussed (ad passim, ad [...] security will ensure that technology continues to provide productivity gains organizations need to stay competitive and efficient.
|
| + Wimping Out +
I am a terrible handyman – not because I lack inspiration or skills (OK – maybe I lack skills) but because, most significantly, [...] data unusable, even if it is stolen. The implementation of these measures does require organizations to invest to change bu |
| + How do you know… +
I read that a remake of Miami Vice is coming this summer. South Beach is one of my favorite places but I was never a big fan of [...] just needs to ask – do I trust this credential in this context – and the security technology figures it out. But it is compl |
| + A Tale of Two Cities +
I spend a fair bit of time on both sides of the US/Canada border. It is interesting to watch the different stages of the data [...] Commerce bill. With elections coming up it’s a good news story to take to the constituents. And it’s the right thing to do.
|
| + (int) auth != (float) auth; +
It’s been almost twenty years since one of my first (and one of my last) computer science classes. I don't remember much and [...] selecting a suite of authentication methods that provide degrees of confidence in identity - usually commensurate with the risk of th |
| + Phishing & Digital Signatures +
Postbank , a large German bank, is one of the first to digitally signed e-mails to counter phishing. This is made possible by the [...] detailed before , if the wrong people gets the PKI credentials to issue digitally signed e-mail, the whole scheme falls apart...
|
| + DoJ ID Theft Data +
The Department of Justice released its first report on estimates for Identity Theft in 2004. In terms of on-line forms of [...] information is stolen and used to perpetrate fraud. Unfortunately, the data is approaching three years old... not that useful. |
| + Crypto Standards +
Last week, the Computer Security Industry Alliance provided comments to the U.S. Congress Committee of Financial Services on [...] by multiple parties, its security implementations are not consistent nor have they been tested and certified - by someone like NIST. |
| + Phishing Research +
A colleague of mine was educating me on the terms “first-party” and “third-party” accreditation in the context of browser [...] in which certificates are handed out and making a new “padlock” more visible. Per previous entries , that is underway. |
| + Smooth Operator +
So, per my last entry on PKI , we know that there are PKI enabled applications everywhere we turn. We also know that these [...] infrastructure. In this case, a very efficient approach is for the user to be prompted to input some information that can |
| + Algorithm Flexibility +
About a year ago, a significant vulnerability in the SHA hashing algorithm was announced and this has led to the recommendation [...] changes, there is a significant risk of the continued use of vulnerable ciphers as well as mounting interoperability issues.
|
| + Never mind who shot J.R. Who shot SSL? +
SSL is seen by most as the padlock that appears in the bottom of the browser window when a user visits a site that has obtained an [...] they work. Unfortunately for the end user, the browser provides no distinction between different SSL certificate issuer processes |
| + Good Company +
As I said in my last entry – PKI is back with a vengeance, with one of the key reasons being application availability. When [...] providing a single layer to access PKI security services through CAPI – relieving application developers of much of the heavy lifti |
|
title: "Voice on Identity"; RSS XML Feed
| More Featured Listings
What people are searching for:
• safes •
|