The Command Line

I cannot tell if PayPal’s new virtual debit card is really any more secure than any other form of online transaction. No, seriously, it’s apparently Windows only, working with MSIE 5.01 and later. Even though I have access to a virtual instance of Windows, I refuse to use MSIE for any personal surfing, [...]

Well, not really since this does not appear to be an automated attack, rather a manual and specific one. Also, hello, “cyber cafe”? I am not sure that this constitutes a new form of hijack, but is rather a single case of blinding naivete.
I am worried about the dangers of automatic filling of [...]

Security Focus has the first part of a two part article discussing password managers up. The second part, as is often the case with these sorts of series, has the real pay off in terms of their recommendations. But if you aren’t already familiar with the risks and issues, you should give part [...]

I saw a couple of posts today, comment on the recent increase in spam, incuding this one from Ed Felten. Felten, not surprisingly, hits the nail on the head. Despite overly optimistic predictions to the contrary, spam will continue to thrive as long as the payoff outweighs the cost. Much like information [...]

I am starting to understand why Jon Gruber got so infuriated with Brian Krebs over at SecurityFix. Generally, I think Krebs’ reporting is no better or worse than anyone else trying to present readable yet accurate coverage of security issues that may affect the average user.
However, this post irked me within the very first [...]

Maybe I am old fashioned, but when I think encryption, I think math. Quantum encryption systems instead seem to rely on quantum mechanical effects rather than any form of computation, per se. I find them somewhat concerning, especially when a confirm security expert admits he doesn’t understand enough physics to assess a system’s [...]

All general purpose computers are susceptible to developing vulnerabilities, it is the nature of the beast. I have to treat news about new virii as suspect, then, for purportedly more secure operating systems like Linux or, in this case, OSX. I don’t know if the media’s view of the average OSX, or Linux, [...]

While this is certainly worth being aware of, I only see this as different from other web based vectors in the high profile nature of Wikipedia. I think there is am implicit assumption in the coverage of this that users would treat Wikipedia links differently than other web sites. Really, how is this [...]

This is vaguely curious because of the forensic linguistics used to try to identify the troll. Otherwise, this behavior is less mysterious and ubiquitous across almost all online fora and just plain annoying.

At least with RFID, the actual data stored on the chips is minimal. To do something truly malicious typically requires being able to correlate that with some other data.
Sure, the forthcoming US passports no doubt store more. But at least there have been some token efforts to prevent reading of the data when [...]