Michael Gracie

FYI: Red Herring released their North American Top 100 private companies list - several in the security realm are included.

All’s well for your hard drive data, with a little encryption, but you still aren’t going to prevent the wholesale theft of your computer without the old-fashioned lock and key.

It seems the same goes for fancy cars.

Internet “security experts” are warning that VoIP calls are less secure than traditional landlines. One notes that the next generation of spam will be through your VoIP voicemail, while another says not to accept calls from strangers.

I already get five plus “unwanted” voicemails a day from people I barely know, and yes, I am a VoIP user. But I get just as many on my cell. Why? Because I give out my business card every now and then! Call them “strangers” if you must, but I received five times that number of voicemails from folks when I did have a landline (although being too lazy to add my number to the do-not-call registry probably contributed to that).

“Don’t talk to strangers” is something I learned in kindergarten - its poorly crafted FUD if I do say so. If someone can show me a proof of concept on a VoIP privacy hack, I’ll stand corrected.

Techdirt points out that security firms have a real predicament on their hands - trying to balance the fear of security issues with the need to sell more software. The problem gets even bigger once software firms cry wolf too many times, then computer users quit worrying about the problems. That ignorance is just begging for a real disaster scenario.

But, are those that project an air of indifference to safety in their own little environs (i.e. Linux and OS X users) part of the lethargic crowd, or do they know something everyone else doesn’t?

When you walk through the checkout line at your favorite discount retailer, you don’t wonder why the clerk is in such a pissy mood. When the guy hanging on to the side of that big truck slings your garbage all over the street and moves on, you don’t ask yourself “what was he thinking?” And when the person at the drive-though window hands you somebody else’s order, and shortchanges you, what do you think you are really going to accomplish by complaining?

Gives you a pretty good idea of why IT security seems like it is in such a state of shambles - keeping the house locked down is a thankless job!

Cyber-Monday, the first workday after the Thanksgiving weekend, is when folks head back into the office to do all their holiday shopping. There was a lot of buzz about it, and even a few reports of good vendor results. What is the reality?
Read more »

Computer security professionals are starting to get some attention from upper management, at least in Europe. C-level execs are listening. With all the groundbreaking reports coming out of Spamroll, how could you blame them?

Of course, in the US security folks get windowless offices in the basement and 486s with monochrome monitors. The CEO is in the penthouse suite trying to figure out why he pays his bills on time but his FICO score is 250 (he has a “paper double” but just doesn’t know it yet).

According to Professor Klaus Brunnstein of the University of Hamburg, as technology continues to grow in complexity, so will it’s security risks.

Brunnstein boldly points out that security needs to built into technology, not viewed as an afterthought. I wonder where he got that idea (for a clue, click here)?

Today, Computerworld pumped out this piece about Apple’s iPod, and the flexible layer it possesses for storing everyday data in addition to music. The article then goes on to speculate that Apple in the personal storage business, but disguises it as the music business. That all makes a lot of sense.

What hit me hard, however, was the mention of data security issues, and how the popular iPod could be a mechanism for data theft. It is there that I also have to agree, but I don’t think that singling out the iPod serves any real purpose here.
Read more »

Jon Oltsik of Enterprise Strategy Group reported on the state of security as large organizations, and the news is not good. You know the stories of data thefts at Choicepoint, Bank of America, and Siesint - large amounts of personal data stolen, and not necessarily via an IT hack. It seems they are the tip of the iceberg.
Read more »