I read all the time. I admit that I read less now that I found and use Audible the Amazon audio book service). While Audible is great the books I chose to read (or re-read) this summer are probably not available there. I recently re-read the Blue Team Field Manual (BTFM) and read the Red … Continue reading Summer Reading 101 – The Blue Team Field Manual
Category: cybersecurity
Using Biometrics to Replace Passwords
I was recently asked this question...I'm working on a project right now where my team wants to substitute passwords and usernames for biometric authentication. I have expressed my multiple concerns for the security of such a system, but the idea has now come up that we could use a system with at least 2 factors … Continue reading Using Biometrics to Replace Passwords
Understanding the Traffic Light Protocol (TLP)
The Traffic Light Protocol (TLP) takes something that most people know and applies it to a new problem. In this case the simple concept of roadway traffic lights applied to information sharing. As defined by FIRST, an organization formed by cyber first responders; the Traffic Light Protocol is "a set of designations used to … Continue reading Understanding the Traffic Light Protocol (TLP)
It all in the Cloud(s)
The Internet is changing yet again. One of my predictions for 2018 is that everyone will witness a migration from corporate or private data centers to the 'Cloud', or Internet hosted data centers. There have been tremendous advances made in both securing the Cloud and sharing with the broader technical community how to secure the … Continue reading It all in the Cloud(s)
International Cyber Conflicts @ Coursera
I just finished the course 'International Cyber Conflicts' at Coursera. The course was developed and led by professors Sanjay Goel and Kevin Williams from the State University of New York at Albany. This was a five week course that consisted of recorded presentations with inline questions; discussion forums; and end of week quizzes. The presentations … Continue reading International Cyber Conflicts @ Coursera
USB Forensics
I recently came across two very good articles about USB forensics. The Hitchhiker's Guide to USB Forensics was published at the Cyberforensicator site by Oleg Skulkin and Igor Mikhaylov. It is a very well thought out an written description of how to find out by operating system analysis what files have been copied to a USB … Continue reading USB Forensics
The State of Internet Privacy? In Shambles. Moving on.
Many would consider me an Internet Old Timer. I used 'The Internet'; then ARPAnet back in the days when I worked as a Software Engineer for a US defense contractor. Securing communications and having confidence in message integrity; both in the identity of the sender and in the integrity in the content have always been … Continue reading The State of Internet Privacy? In Shambles. Moving on.
Websites Intentionally Disabling Password Managers
It wasn't just me. The folks at Wired have noticed that some web sites are not really very password manager friendly. I travel fairly often. Lots of that travel is for work but I do get around on personal business and to get away. One of my go to sites for travel is Hilton dot … Continue reading Websites Intentionally Disabling Password Managers
New Apple Guidelines Explain What Data the Company Will Provide to Law Enforcement
ars technica has a great article that explains recently published Apple guidelines regarding what customer data the company will provide to law enforcement. Reviewing and understanding Apple's position is important as the companies consumer devices such as the iPhone, the iPad, and Mac computers running OS/X readily provide users the capability to use both local … Continue reading New Apple Guidelines Explain What Data the Company Will Provide to Law Enforcement
Seminars at the John Jay Center for Private Security and Safety
If you are near New York City and interested in cyber security and criminal justice I suggest attending the seminars at the Center for Private Security and Safety at John Jay College in Manhattan. I attended seminars on cybersecurity and cyber espionage. The presenters that I saw are faculty from the college. I found the … Continue reading Seminars at the John Jay Center for Private Security and Safety
