You can't secure what you don't acknowledge.SM

Friday, July 18, 2008

My security content from this week

OK, we're back into the swing of things. Here are two information security articles of mine that were published this week:

AJAX Security - Is anyone listening?

Cross-site Scripting 102 - How it actually works

And here's a recent podcast as well:
The latest on convergence and network standards

As always, for my past information security content be sure to check out


Crack the darn password!

Here's an interesting story about a network admin working for the city of San Francisco who's refusing to give up a password. He won't give it up, then why not just crack it? It's probably a shared password anyway quite possibly stored/used somewhere else on his computer. There are TONS of password cracking tools out there by Elcomsoft and others. This could be an easy task.

Our government at work...

Great quote to think about over the weekend

Remember the Law of Attraction that says we become and achieve what we think about the most? Here's a bit about the one thing - tenacity - that will help you keep driving for what you want in your information security career:

"Let me tell you the secret that has led me to my goal. My strength lies solely in my tenacity." - Louis Pasteur

Wednesday, July 16, 2008

Do your users do online banking at work?

Here's a good reason to not do online banking at work or an untrusted computer. When there's a will there's a way...this is why we'll always have work to do in this field.

The key to moving up and career success

Here's a little snippet I thought of when developing my latest audio program - Certifications, Degrees, or Experience - What's Best for Your Security Career?. I thought it'd make for a good blog post.

Working in the field of information security, never ever forget that you get paid for what you do and contribute to your employer - not for the letters and acronyms that come after your name in your email signature or on your business card. I think security certifications and college degrees CAN benefit you IF you really make the best of it. But there's more to the story...

Click here and here to get some more insight.

Tuesday, July 15, 2008

Good news and bad news about Webroot

The good news:
I finally gotten so fed up with my previous bloatware anti-virus product (I was a 15+ year loyal customer) that I had to move on to something leaner and meaner. I chose Webroot's Spy Sweeper with Anti-Virus. It has received good ratings over the years from PC Magazine and seems to work pretty well. PLUS, I can actually use my computer now without tons of hang-ups and delays. What a concept...

The bad news:
The founder of Webroot, Steven Thomas, (who subsequently sold the business) was found dead two days ago in Hawaii. Awful situation.

Monday, July 14, 2008

Can you imagine a 4-day work week?

The state of Utah is calling for businesses to adopt a 4-day work week. Not a bad idea. *IF* something like this were put in place, employers would save on operational costs and employees can save on gas. And morale goes up too. A win-win. But can you imagine those controlling and ignorant managers!?....Woooweee. What would THEY DO if their employees were allowed to work from home...

Control - it's a good thing and a bad thing - it all depends on the intent.