Currently browsing category

Security, Page 3

Further thoughts on how to secure my digital assets

Further thoughts on this problem. It appears that my different digital assets should be managed using different protection levels. Examples: I don't want my family photos to be publicly accessible. But if a few are, or even if all of them are, that's a much smaller problem than if the login information for all of…

It’s Time To Abolish SSL Certificate Authorities

Yet another case this week where unsuspecting users were compromised because a certificate authority that they had never heard of screwed up. In case you hadn't heard, they issued a certificate for google.com (Google!) to somebody other than Google, and apparently that certificate was in fact used to compromise users in Iran. This is not…

Hayden: Google Acting as a Nation-State

Great to see somebody on top of things, here Michael Hayden, previously director of the NSA and the CIA in the context of the Shady Rat attacks: “You see Google acting in some ways as nation-states used to act, exercising to the best of their ability some attributes traditionally associated with sovereign states. ‘We’re going…

“HTTPS Now” Campaign Unfortunately Does Not Fix the Problem

EFF activist Eva Galperin in quoted in a ReadWriteWeb article introducing their new campaign: "HTTPS provides the minimum level of security for websites. Without it, no site can make any meaningful security or privacy guarantees to its users." Well, wouldn't that be nice! Particularly if HTTPS actually were providing that security. For a counter-point, read…

What Is Wrong With Nuclear Power Plants

I lived through the Chernobyl disaster back in 1986, as a teenager, in Germany. I recall watching the radioactive cloud coming closer and closer on TV, wondering whether it was ever going to be safe to go outside again. That was before I became an engineer, but I remember pondering even then whether it was…