This ebook is free to view or download. A humanistic look at Big Data, aggregation and how a data-centric view of the world is changing our relationship to our identities and the groups we belong to. Click below (left to look/right to receive) to view or download: Big Data - slipping its moorings
Author Archives: David Sheidlower
The hack that maybe wasn’t: Ashley Madison
In the world of on-line romance and breach notifications, the Ashley Madison hack is unique. Usually, on-line romance crimes involve fraud. Law enforcement officials report that on-line romance fraud is under-reported because the victims are too embarrassed to admit they were duped. They do not want to go through the humiliation of having a detective …
Big Data and the Paleolithic
Inference is the core technique for determining what happened for which you have little or no data. Lewis Mumford was dissatisfied with the stone tools that had been found all over the world and dated back hundreds of thousands of years. Not because he did not consider them telling of the state of technology employed …
EVERYONE’S WHITEPAPER…ever. A how-to.
Sample (analysis follows): The cyber security threat landscape is awash in an ever changing fabric of “slings and arrows”. It’s not just a matter of “if” script kiddies will attack the enterprise but “when” nation states. And big, big breaches. Before the 20th century, there are only two recorded Denial of Service attacks: the burning …
Bookish Security
My latest article in Security Current, No Book to Be By, mentions that when it comes to security, there’s no such thing as “by the book”. But I don’t go into it in that article. There I am writing about how a task-based CISO (i.e., a PM promoted to the role) might be the worst …
Hooked on hacks
To distort a phrase from media criticism: if it HEARTBLEEDS, it leads. I have no proof of this, but I am guessing that the number of journalists that now have experience writing about cybersecurity events has increased dramatically in the past year. Big breaches have always been news, but with a cluster of them occurring …
When “it” talks back
Of the thousands of pages in the Harry Potter books, only one sentence ever really seemed to relate to the on-line world. One of the smarter parents in the series admonishes his daughter: “Never trust anything that can think for itself if you can’t see where it keeps its brain.” And, sure enough, then comes …
When is a breach notification not a breach notification (revisited)?
When it’s a customer service announcement. At least that’s what one in-flight internet on demand service provider claimed. So, the first thing to understand is that there is no reason to believe that customer information was actually compromised. On the other hand, as Bruce Schneier points out in Liars and Outliers, society runs on trust …
Aggregation is biased towards anonymity
Did the EU Court of Justice’s compromise on the right to be forgotten get its inspiration from a US law’s attempt at solving a logistical problem? I’ve written about the bias of aggregation towards anonymity in Anti-Viral, published by SecurityCurrent. In that piece, I show how the EU’s decision reinforces the idea that aggregation, the …
I’m certain that too much certainty is certain failure
I’ve extolled the virtues of false positives before. Talking about the Boy Who Cried Wolf, I’ve pointed out that the villagers who chose to ignore his false alarms rather than correct his behavior or replace him were taking an unnecessary risk. The story and a pack of wolves bear me out on this. I still …