BSides Nashville 2017, Jeff Mann's 'Does DoD Level Security Work in the Real World' →

May 04, 2017 by Marc Handelman in All is Information, Education, Information Security, Security BSides, Security Opinion, Security Conferences

Self-Healing Endpoint

March 21, 2017 by Marc Handelman in All is Information, Blatant Stupidity, Information Security, Right to Privacy, Security Failure, Security Governance, Security Heal Thyself, Security Opinion, Demise of Privacy

Apparently, this product is now embedded in a wide range of devices (ranging from Apple Inc. to Dell Computers and more). I do architect & advise end-point security efforts in my work (agnostic that I am - I do not recommend individual products), but certainly not an embedded product in BIOS or EFI. Could it be rightly called 'The Self-Healing Endpoint of Privacy'? Has a meme been created? You be the judge - Me?, I'm going back to paper and pencil, air-gapped (of course - dammit, air-gaps are no guaranty of secure platforms either...). What to do. Tip o' the Hat.

Saturday Security Maxim →

April 02, 2016 by Marc Handelman in All is Information, Security Maxim, Security Opinion

“On two occasions I have been asked by members of Parliament, "Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?" I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.”

Excerpt From: “Security Sound Bites: Important Ideas About Security From Smart-Ass, Dumb-Ass, and Kick-Ass Quotations.” Roger Johnston.

Saturday Security Maxim

October 17, 2015 by Marc Handelman in Security Opinion

Buffett’s Maxim: You should only use security hardware, software, and strategies you understand. Comment: This is analogous to Warren Buffett’s advice on how to invest, but it applies equally well to security. While it’s little more than common sense, this advice is routinely ignored by security managers. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory