It seems that an attorney at Eli Lilly’s outside legal firm accidentally sent an email with confidential information over government settlement talks to a reporter at the New York Times. The Times reporter then started poking around, eventually breaking the story far before anyone was prepared.
Each of these applications has plugin architectures and inadequate security models. Actually, IE 7 + Vista is a good model, but it will take 3 years for it to hit wide enough deployment.
I’m pretty angry right now.
I just went to vote in the primary. In hand was my driver’s license and voter ID card. Because the addresses didn’t match, I wasn’t allowed to vote until I showed another form of ID with matching addresses. I, of course, didn’t have one. None of the materials mailed to us or displayed in our polling place mention this requirement.
There are a lot of things I love about working for myself, but I have to admit sometimes it’s hard to keep everything balanced. For a while there I was taking whatever work came in the door that aligned with my goals and didn’t violate my objectivity requirements. Needless to say, the past few months have been absolutely insane; deadline after deadline, 2-3 trips a month, and a heck of a lot of writing.
According to IBM’s ISS (via eWeek), the number of publicly reported vulnerabilities dropped in 2007.
Pete Lindstrom cautiously (unusual for him) wonders if this means we’re over the hump.
A short piece I wrote for Network World just went up today. “Avoiding data-loss prevention pitfalls”.
What are the barriers to DLP? I’ve heard it can take a lot of time and the costs add up. Is there a way to get around this? It’s always daunting to consider deployment of a new security technology, but with the proper preparation Data Loss Prevention (DLP) is less painful to deploy than many of our other tools. The keys to a successful DLP deployment are setting the right expectations, proper…
Per requests from a few people, and no one has complained about the move yet. 6 PM at Furio in Old Town Scottsdale.
This week’s question in our Ask Securosis series moves past a technology question into the realm of management and statistical research.
It’s no surprise that I’m a big fan of Microsoft’s Trustworthy Computing Initiative- something I was skeptical of when it was first announced. MS proved me wrong, and years later we’ve seen a very positive impact. Vulnerabilities are down, response times are up, and products ship in more secure configurations. Yes, they still screw up every now and then, but it’s overall been a huge improvement. Just because I don’t like to use Vista doesn’t mean I don’t appreciate all the security work that…
Securosis is in possession of damning documentation that proves, without a doubt, that John Moltz of Crazy Apple Rumors has taken control of all Macs through his ingenious use of the, “woe is me, I lost my funding, come to my site and cry your goodbyes” scam.