Forbes posted: The World's Most Ethical Companies. I quote:

The Ethisphere Institute, a New York City think tank, has just announced its fifth annual list of the World's Most Ethical Companies. The selection, open to every company in every industry around the globe, gives its winners an opportunity to trumpet their do-gooding ways. It is not a ranking, so they are all equally winners.

Nearly 3,000 companies were nominated--or nominated themselves--to be considered this year. The record-high number of nominations and applications demonstrates companies' desire to be acknowledged for high ethical standards. The 2011 list, which includes 110 organizations, is the largest since the award's inception in 2007.

and

The 110 companies that made the final cut this year include first-time recipients Adidas ( ADDDY.PK - news - people ), eBay ( EBAY - news - people ), Microsoft ( MSFT - news - people ), Colgate-Palmolive ( CL - news - people ) and 30 other newcomers. Thirty-one companies from last year disappeared, generally because of litigation or ethics violations, as well as increased competition from within their industries. Twenty-six companies have been recognized as a WME company for all five years, and 50 more have made the list at least twice.

In my opinion, something we can be very proud of!

Roger

10 years ago a browser was born.

Its name was Internet Explorer 6. Now that we’re in 2011, in an era of modern web standards, it’s time to say goodbye.

We all know that Internet Explorer 6 is outdated and that you should move away from it to a newer browser immediately. For security, safety as well as fro compatibility reasons.

Therefore we created the The Internet Explorer 6 Countdown page with the goal to get Internet Explorer 6 market share below 1% – currently it seems to be still at 12% which is way too much.

If I look at the statistics of my blog, this is currently the distribution of the browsers hitting this page:

Looking at Internet Explorer versions, it seems that you are security conscious people - not really a surprise:

So, we are better than the rest of still 4% of you are using a very, very old version. And by the way 16% are using a version-1. That this data cannot be reflecting the real world is clear as I do not expect 1/3 of the people using Internet Explorer being already on the Release Candidate of Internet Explorer 9.

Therefore I added my main blog to the IE6Countdown initiative (please move to the main blog anyway :-)). If you see this banner when looking at the blog:

I would like you immediately to go to this download page to get the latest version of Internet Explorer and to help to drive the IE6 share below 1%!!!

Roger

I just read this article on Google pulling 50 applications from their Android marketplace (Google uses remote delete to remove Android apps from smartphones – Update). A very good decision as these apps leverage an exploit to access user data.

However, what made me think is that they removed the applications from the devices. This would be – to me – an unacceptable intrusion on my device. I am completely aware that the strategy other vendors, like us, have to revoke the application certificate/manifest has the same effect: The application is not working anymore. But to me it is a huge difference, whether the vendor de-installs an app or just blocks the execution. The reason for this is fairly simple: If they mingle actively on my device, what else do they do on it? What do they do with my data, contacts, mail etc.?

Would be worrisome to me…

Roger

A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether we would be able to ramp up the communication channels and keep them up even if bad things happen (like the building has to be evacuated). By ramping up the channels, I was not necessarily interested in the technical side but in the people side. Especially as the key leaders of the incident teams were the ones running the exercise. So, you had the people who knew each other for years sitting there and just listening in.

If you think about it: Even if you know that you are on call for an incident response team, if you get a call from national intelligence telling you that something bad happens, how can you know that they are genuine? Just because they know the incident number? An interesting question we realized that we did not address it if the key people were not present. Now this is for a security-related IT incident.

Reading this article An Unsung Hero of the Nuclear Age scared me as it seems that this problem was not even solved launching nuclear missile. It asks a fundamental question:

How can any missile crewman know that an order to twist his launch key in its slot and send a thermonuclear missile rocketing out of its silo—a nuke capable of killing millions of civilians—is lawful, legitimate, and comes from a sane president?

So, even though the article is fairly long it is worth reading

Roger

My manager was on the Tokyo airport, when the earthquake started. We had a chat yesterday about this – he is back home in the meantime – and he told me that he was very surprised that, while the phone network broke Internet still worked and he was able to call his wife immediately after the first shock.

Now, it still seems to be the case: Japan's Internet Largely Intact After Earthquake, Tsunami – fairly impressive.

BTW: Our Chief Security Advisor in Japan is well as is his family, luckily.

Roger