Recently, I finished reading “The New School of Information Security” by Adam Shostack and Andrew Stewart. It’s only about 200 pages, so it’s certainly worth your time to pick up and read. Some people will compare it to “Security Metrics” by Andrew Jaquith (or many others), but I think this book is very […]

Here’s a new 2008 security prediction for you –
The iPhone camera is an odd device. There is no notification that a picture is being taken, so the only requirement for malware is to wait for user activity and then start taking pictures.
My prediction is that malware will be written to do just this and […]

In my earlier article on Using Google Analytics to Subvert Privacy, I demonstrated how dangerous free tools could be to match privacy information to web clicks.
But now that Google has updated their Analytics service to support internal search queries, you can now link user privacy information to search data, as well. Now everyone can […]

A lot of commotion has recently been stirred up around California Governer’s, Arnold Schwarzennegar’s recent vetoing of a bill (AB 779) that would strictly mandate all merchants to comply with. Many have scoffed at the Governer’s “caving to lobbyists and members of the retail industry.” You know what?? I actually agree with the Governer’s vetoing […]

A new release of Wordpress 2.3 was shipped last night. One of the features it sports is:
Our new update notification lets you know when there is a new release of WordPress or when any of the plugins you use has an update available. It works by sending your blog URL, plugins, and version information to […]