Worried about the wrong things? It’s always the wrong thing.
Guy Wright’s piece titled Internet Security: We were worried about the wrong things is a bit old but it’s an important point. Security is a moving target. It’s always a moving target. I disagree,...
View ArticleSSDs, data loss, electricity, and hype
I’m not particularly worried about this, but under the very worst case scenario, certain solid-state disks can theoretically lose data in a week or two if they’re left without power. But that doesn’t...
View ArticleWhy shouldn’t corporations just let software auto update?
I’ve been hearing the same new idea at work for about 10 years. The idea is pretty straightforward: Since my home PC updates itself whenever it wants and I don’t have problems, why don’t we do the same...
View ArticleFinal thoughts on the Houston Astros’ database
One of my college buddies (Hi Christian!) shared my previous post on Facebook, pointing out that I’m a long-suffering Royals fan in Cardinals country, and adding that what I said was balanced and...
View ArticleHow to mitigate MS15-078 or future Microsoft font driver vulnerabilities
Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the...
View ArticleWomen in tech: The forgotten story of Vector Graphic
I frequently hear lamentations about the number of women in the technology field–or the lack of them. Although there have been a number of successful women in the field, such as Meg Whitman, CEO of HP...
View ArticleFive things security experts do vs. five things non-experts do
There was a fair bit of talk last week about a study that compared security advice from security experts versus security advice from people who are at least somewhat interested but don’t live and...
View ArticleThe workstation events you want to be logging in Splunk
Every once in a while the NSA or another government agency releases a whitepaper with a lot of really good security advice. This paper on spotting adversaries with Windows event logs is a fantastic...
View ArticleHow the Amiga could have lived to age 30 and beyond
It was 30 years ago this week that Commodore released its landmark, long-time-coming Amiga 1000 computer–the first 1990s computer in a field full of 1970s retreads. Yes, it was a 1990s computer in...
View ArticleDroidpocalypse? Josh Drake says no.
Josh Drake, the researcher who discovered the Stagefright vulnerability in Android that lets an attacker hack into an Android device by sending a specially crafted picture or video in a text message,...
View ArticleThe downside of streaming music
There’s a new rule when it comes to security and privacy: If a service is free, then you’re the product. Actually, come to think about it, the rule isn’t so new. I’m the product when I listen to the...
View ArticleThe freedom to fix our stuff
This week the Wall Street Journal ran an editorial about the right to fix our gadgets. It was surprisingly pro-consumer. The author wrote about a friend whose Samsung TV broke due to $12 worth of...
View ArticleFlash isn’t Shockwave and Shockwave isn’t Flash
Bad things happen when security pros like me start asking our infrastructure brethren to patch Flash. We get better security, but the Flash upgrade fails enough of the time to cause extra workload, and...
View ArticleA sports analogy for security
Imagine you’re playing a sport. The sport doesn’t matter. What matters is you’re playing, and so is the opponent, and you have to follow the rules while they don’t. But you still have to prevent them...
View Article‘PC Does What?’ seems doomed to fail
A coalition of Dell, HP, Intel, Lenovo, and Microsoft are trying to figure out how to reverse the downward trend of PC sales, and what they came up with was a marketing campaign called “PC Does What?”...
View ArticleAnother reason to block fonts at the proxy
Last week Apple released a bunch of patches up and down its product line. One of the vulnerabilities it fixed in OS X was a vulnerability in its font parser. In the past you could mitigate...
View ArticleAvailable diameters of tubular O and O27 track
A frequent question, especially for those who are just discovering or rediscovering vintage Lionel and Marx trains is what sizes of track are (or were) available, and how many pieces come to a circle....
View ArticleHere’s a better laptop than the typical Black Friday specials
If you want a better laptop than the typical Black Friday special, I found just the thing: this Dell Latitude E6420 laptop from Newegg, for $225 (the price is good through Sunday, Nov. 22). It has...
View ArticleHow I set up office hours in Google Voice
If you have a side business, you need to offer customer service, but it’s also perfectly reasonable to not want your phone to ring at 3 a.m. Fortunately it’s easy to set up Google Voice to allow your...
View ArticleCommodore 64 vs. VIC-20
The C-64 and VIC-20 look a lot alike, and shared some of the same designers, but there are a number of differences between these two vintage computers. The post Commodore 64 vs. VIC-20 appeared first...
View Article