From Oslo With Love
Let’s say you’re in the widget business. You studied widgets in college, made Lego widgets as a child, even named your dog Widget. If there’s anything you know a thing or two about, it’s widgets. And you’ve built a great business building widgets. Those in the know call you the Widget King. You’ve put three kids through college on widgets and even bought yourself a little widget bungalow on a coastal island somewhere. You are the man, or the woman! (more…)
Camp Songs For IT Professionals
It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.
Introverted Social Media
Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin.The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)
Bundle Up To Avoid The Cold
With every passing week, it seems, cyberthreats and hacks inundate the news cycle and bring home the absolute insecurity that most of us experience (or should) when we take even the smallest of baby steps with our digital footprints. Of late, it’s the Russians who seem to take center stage, hacking our politics and manipulating our elections. Though we could debate the extent of the success, nobody seems to doubt the intent any longer. If those chilly diplomatic breezes seem to intimate a second cold war, will cyber be the weapon of choice? Is it already?
Breach is a Heartbeat Away
OpenSSL, the vehicle through which the Secure Sockets Layer protocol protects most websites that encrypt data, has reminded us again of both the vulnerability and security of open source development. The Heartbleed bug, an accidental code addition about two years ago, exploits the heartbeat option within OpenSSL, a mechanism that allows fluid connectivity between user and server via small, hidden signals or pings. Hackers breach the system by sending false signals that fool a website’s server into releasing sensitive information. Hence the vulnerability.
Heartbleed, though, also demonstrates the security of open source development. While its revelation created initial fear and chaos, the Heartbleed bug was fixed within about four days, largely because lots of eyes were on the prize, each pair of which had a vested interest in the elimination of the Heartbleed threat. Imagine if the SSL vehicle had been proprietary, owned by a quiet company with no taste for conflict or liability. Now that’s a hot mess. (more…)