Pete Lindstrom just posted a missive in support of the TSA.
Pete makes some good points about the limitations of policy- while you always need hard rules, you also always need exceptions and judgement.
Statement from SecureWorks:
SecureWorks and Apple are working together in conjunction with the CERT Coordination Center on any reported security issues. We will not make any additional public statements regarding work underway until both companies agree, along with CERT/CC , that it is appropriate.
I read an interesting article by Brian Krebs over at the Washington Post on ID theft. Brian did a little hunting on some underground IRC channels and witnessed a large amount of stolen personal data being exchanged, then went out and talked with around two dozen victims.
I now know that $40 and a quick web search will let any doofus figure out most of my former addresses, neighbors, home values, roommates, birthday, etc.
Last week the guys over at Matasano did some seriously great work on ATM hacking. So many blogs were running with it at the time, and I was on the road dealing with a family emergency, that I didn’t cover it here, but I think this is such an excellent example of disclosure working that it deserves a mention. It’s also just a cool story.
In a brief analysis/link to my privacy post Mike Rothman states we have a right to privacy in the Constitution, but the problem is enforcement.
Amrit Williams is a coworker over at Gartner and he’s obsessed with cowbell and security tools that go to 11. Let’s just say this post isn’t the first time he’s brought it up.
If someone ever tells you something like the following:
“We defend against all zero day attacks using a holistic solution that integrates the end-to-end synergies in security infrastructure with no false positives.”
I swear, every time I think this thing is dead, its pale desiccated hand reaches from the grave, grabbing at our innocent ankles.
I hate to admit it, but someone will probably hack this site at some point. And they may even use it to hack your computer.