Steve Riley on Security
Formerly
of Microsoft's
Trustworthy Computing
Group.
Browse by Tags
All Tags
»
security theater
(RSS)
advertising
authentication
aviation security
biometrics
BitLocker
email
encryption
false claims
identity
protection
public policy
risk mitigation
RMS
security myths
security science
spam
things that make me angry
things that make me laugh
things that make me worried
Windows Vista
The bad guys will use BitLocker, too
Got an email today from a customer asking about how BitLocker will affect the ability of law enforcement to conduct forensic analysis of a protected hard drive. Specifically, the person was asking about any back doors that law enforcement could use to
Read More...
TechNet: Exploring the Windows Vista Firewall
New article up... Back in the days of the paleocomputing era, no one ever thought about installing firewalls on individual computers. Who needed to? Hardly anyone had heard of the Internet, TCP/IP was nowhere in sight, and LAN protocols didn’t route beyond
Read More...
America, wake up: stop being "security sheep"
OK, I need to complain a bit here. Yesterday I went to Best Buy to get a new digital camera. I already knew which one I wanted, so I found a sales guy, pointed to the display unit, and said, "I'd like one of these." "Sure," he replied. He found the keys,
Read More...
Mythbusters beat "unbreakable" fingerprint door lock
My good friend Jamie Sharp sent me this link today. It's amazing: watch how Adam and Jamie easily defeat a fingerprint lock the manufacturer claims has never been broken. As if to snub the claims, they break it three times! Supposedly it monitors pulse,
Read More...
File under: "You've got to be kidding!"
Today I upgraded the brain on my i-mate K-JAM. Which, of course, requires a hard reset, meaning that I get to spend a relaxing day re-installing and configuring all my applications. Usually when I do this (too frequently, it seems) I browse around for
Read More...
New site at the top of my favorites list
You know, stupid security abounds. I just discovered this site today, and I plan to become a regular visitor -- and probably a contributor, too! I encourage you to explore it and enjoy. Oh, some advice: it probably would be unwise to read an offline archived
Read More...
The Internet routes around outages -- and censorship, too
Have you seen this yet? " Grokster ruling begins the good fight " If you haven't, it's worth your time to read -- it's a terrible shibboleth for a U.S. "national firewall." Coursey is promoting the idea that all U.S. Internet access should pass through
Read More...
Cluelessness abounds
So yesterday I received a rather interesting email. Subject: "INFOSEC Scholarships & Fellowships for PhD or MS + Free CISSP Exam Prep Events." Hm, I didn't know that "information security" suddenly became an all-caps acronym. How come no one asks
Read More...
Lousy security
Lousy security is all around us, and I'm not even thinking about airport security here (which, I admit, i love griping about). Here I have in mind lousy computer security. And lest you think I'm proceeding to engage in naval-gazing introspection, no --
Read More...
Airport security silliness
So today (Thursday 21 July 2005) I flew from Seattle to Dallas for a customer meeting. Since it's a short one-day affair, I packed my small carry-on size suitcase. In it was a pair of shoes, one pants, one shorts, two shirts, a toiletry bag, and my collection
Read More...
New column - debunking security myths
There is a lot at stake in security configuration guidance. First, it is easy to understand why people are clamoring for it. Everyone can see the benefit in turning on some setting and blocking an attack. In some environments, doing so is not even an
Read More...
Search
This Blog
Home
About
Email
Resources for you
Get my PPTs from
My SkyDrive
Watch my videos at
TechNet Spotlight
Download
PYWN
's
Passgen tool
follow steveriley at http://twitter.com
View blog authority
Subscribe with FeedBurner
Subscribe, translate, or sort with BlastCasta
Homeland stupidity
threat:
Tags
access control
access technologies
Active Directory
advertising
assessing security
authentication
aviation security
biometrics
BitLocker
blogging
conferences and seminars
configuration
data destruction
email
encryption
false claims
group policy
home and family security
identity
infosec as a profession
integrity
Internet Explorer
IPsec
ISA Server
malware
music
my book
NAP
networking
passwords
patch management
physical security
protection
public policy
risk mitigation
RMS
security myths
security policies
security science
security theater
spam
SSL/HTTPS
TechEd
Terminal Server
the end
the future
the trade press
things that make me angry
things that make me laugh
things that make me worried
threats
virtualization
VPN
Windows 7
Windows Vista
wireless
Archives
August 2009 (1)
May 2009 (1)
February 2009 (1)
January 2009 (5)
December 2008 (1)
November 2008 (1)
October 2008 (2)
September 2008 (6)
August 2008 (2)
June 2008 (2)
April 2008 (1)
February 2008 (7)
January 2008 (1)
November 2007 (1)
October 2007 (3)
September 2007 (5)
August 2007 (2)
July 2007 (4)
May 2007 (2)
April 2007 (1)
February 2007 (1)
January 2007 (3)
December 2006 (2)
November 2006 (3)
October 2006 (2)
September 2006 (6)
August 2006 (1)
July 2006 (3)
June 2006 (1)
May 2006 (2)
April 2006 (2)
March 2006 (5)
February 2006 (2)
January 2006 (3)
November 2005 (5)
September 2005 (4)
August 2005 (2)
July 2005 (5)
June 2005 (5)
April 2005 (3)
March 2005 (2)
February 2005 (2)
January 2005 (1)
Syndication
RSS 2.0
Atom 1.0
