Archive for the ‘Software Security’ Category

Safe to Deploy? What’s That Mean?

Thursday, June 24th, 2010

Over the past several months, I have spent many days in the lab performing Safety to Deploy (STD) tests on our customers' products. Let me tell you, this has been an enlightening and immensely educational experience. If you’re not familiar, the Safety to Deploy test is the first in our ...

iPad my web security recommendations…Not!

Friday, June 11th, 2010

Sometimes this is just too easy! In my last post I whined that AT&T has pushed testing to the back burner by imposing a penalty for bandwidth-hungry applications. I postulated that they would create a situation where app creators would cut corners in order to cut bandwidth requirements, all in ...

Smashing Butterflies

Friday, June 11th, 2010

I know you’ve seen the old science fiction B movies where the hero warns the antagonist that they should be careful because killing one butterfly in the past could alter the future in ways that can’t be imagined. But somehow the antagonist winds up smashing some poor defenseless butterfly and the ...

Googleland!

Monday, February 22nd, 2010

A few days ago I sent out a tweet about an epiphany I had regarding Google. Why isn’t Google considered a utility? I think I know why but let’s start here: they’re considered part of the critical infrastructure, Google affects most of the world population, and Google can affect the ...

Life, the Universe, and Howard Schmidt

Monday, January 11th, 2010

It’s nice to see the potential for things to go right. What I’m talking about is the appointment of Howard Schmidt to the position of U.S. Cybersecurity Czar. Now, there are those out there that think that this is a bad move. I happen to disagree and I’ll tell you ...

Chatting with the CTO of Intelliden

Monday, December 14th, 2009

So I was talking with the CTO of Intelliden (www.intelliden.com), a guy named Glen Tindal. I spend a lot of time talking with folks trying to understand what’s keeping them up at night and what’s working in their environments. Sometimes, like this chat with Glen, it’s just about why things ...

Red Flags Rule is really Red Herring Rule

Friday, August 7th, 2009

The Red Flags Rule, an outgrowth of the Fair and Accurate Credit Transactions Act of 2003, or as I’m going to call it, the Future Assurance of Consulting Transactions Act of 2003, is another example of bureaucrats trying to solve a criminal problem with technology. FACT’s aim is to stem ...

What the hell is going on over at Apple?

Sunday, July 5th, 2009

How do you release a product that has such a basic flaw in it that one of the fundamental tools that this product provides can be used to turn it into a zombie? What I’m talking about is the newest security flaw to hit the iPhone, the SMS vulnerability. (http://hothardware.com/News/iPhone-SMS-Vulnerability-Found-Getting-Patched/) I’m ...