Blayne Sucks

Although Ed Felten has recently gotten tons of press about his research group’s recent analysis of breaking hard drive encryption, I wanted to talk about some research that he’s done previously on electronic voting for several reasons. First, I mentioned voting in my last post. Second, I have blogged about electronic voting here […]

One of the most highly charged pieces of legislation that has been passed by Congress in recent years is the Protect America Act. Probably the only good thing about it is the sunset provision that ensures it will expire in its current form unless Congress acts to renew it or make it permanent. […]

Slashdot recently reported on an ArsTechnica article on the death of RealID. There are several things to take from this.
First, RealID is horrible from a privacy and liberty standpoint. This is well-known to anyone who actively concerns themselves with these sorts of issues. It is essentially a national ID card. Depending […]

There’s a BBC article that was posted this past Saturday entitled Big Brother is watching us all. I am leary of reading traditional media articles about privacy because many of them are inflammatory and most seem to provide and distorted view of what most reasonable privacy advocates are actually advocating. However, I was […]

There’s a principle in computer security that is the basis of access control as we know it. This principle is called The Principle of Least Privilege. The idea is that you should only provide the minimum amount of rights needed for someone to do the things they need to do. For example, […]

Sometimes I have to try actively to avoid a “me too” post after Bruce Schneier’s latest article goes up on Wired. However, I will indulge myself this time because his latest article is about disaster recovery communications. I feel very strongly about this and Bruce speaks so eloquently about it that I would […]

The privacy of GMail has annoyed me for some time now, but I found another reason to dislike it. Apparently someone designed a point and click tool to hack GMail accounts. It was demoed recently at Black Hat in Las Vegas.
Now, some of the things that are demoed at these conferences are pretty […]

Bruce Schneier’s latest article for Wired talks about disaster planning as an important part of the security process. Specifically, he’s talking about picking a disaster that has a reasonable likelihood of being mitigable. For example, it’s pointless for an individual or business to “plan” for a nuclear winter, but that might be exactly […]

I am not sure if I have mentioned it before on this site, but Brian Krebs is a journalist at the Washington Post and maintains a blog called Security Fix. If you are not a security person and you only really care about computer security issues that would affect you as a generic computer […]

One of the biggest reasons that computer security is so lax across many private industries is that there is a serious lack of accountability. If a business has a massive data breach, currently the only major or direct consequence of that breach to the business is a public relations problem of some degree. […]