You can't secure what you don't acknowledge.SM

Friday, May 16, 2008

My security content from this week

Here's an information security article published this week:

Security tools that can boost Windows Mobile security


As always, for my past information security content be sure to check out www.principlelogic.com/resources.html.

Enjoy!

Wednesday, May 14, 2008

Interesting breach making the headlines

Apparently Dave and Buster's (a favorite place of mine for food and fun) is one of the latest security breach "victims". This is a VERY good reason to NOT use debit cards (what consumer guru Clark Howard calls piece of trash fake Visas and fake Mastercards).

I never use a debit card at a store or restaurant if it looks like the card scanner is connected directly to a computer. That's a great tip-off that the debit/credit card numbers are stored locally on the machine. Heaven knows these systems are probably not protected the way they should be from attack. But this attack method is new. The attackers were capturing traffic in transit from the POS servers at the restaurants to the central system at the Dave and Buster's headquarters and a third-party processor's systems. Very clever.

The bad guys are always one step ahead, huh. I'll venture to guess that a lack of good security testing played a part in this...

Tuesday, May 13, 2008

Forthcoming information security bailout?

A la the $300 billion housing bailout sponsored by the American Taxpayers (can you believe that!), maybe our government can one day bail out all of the irresponsible business managers that refuse to take information security seriously as well..??

Man, can you imagine what $300 billion could do to improve security for the ignorant masses of business goons across this country!? I'm thinking firewalls for everyone. Maybe even new wireless APs that support WPA encryption. Oh, and how about drive encryption software for every laptop. Sort of a "No Laptop Left Behind" program. These are all that are needed for security anyway, right?

It's so easy to spend someone else's money. Isn't the government so nice in everything they do for us so we don't have to bother? I'll bet if we ignore what's going on in Washington long enough, some representative with our "best interests" in mind will propose such a plan.