IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Chad Perrin // October 14, 2008, 11:03 AM PST

    TSA Communication may get your bag searched

    Evan Roth's T.S.A. Communication project is described as art, and is funny at times. It may also be a problem.


  • Chad Perrin // April 13, 2009, 8:19 AM PST

    10 questions to ask yourself before collecting security data

    As information technologies become more efficient, and as we conceive of more effective ways of using them, the temptation to engage in data collection and analysis grows. Especially when that data relates to security, we should be careful about how we go about collecting it, and whether it is wise to collect it at all.


  • Chad Perrin // August 8, 2008, 3:41 AM PST

    When it comes to security, what does it mean to be good enough?

    What are the security implications of "good enough?" Does it reflect a cynical belief that just the impression of good security is sufficient, or does it refer to the realistic balance that must be struck between security measures and what they cost?


  • Deb Shinder // September 14, 2010, 3:11 AM PST

    Calculating the true cost of cybercrime

    Deb Shinder looks at several studies that have sought to quantify the cost of cybercrime. She presents the difficulties associated with it -- and the challenges it poses for adequate law enforcement.


  • Tom Olzak // December 14, 2008, 8:00 PM PST

    Use free sandboxing software to isolate risky behavior

    Sandboxie creates an isolated operating environment which prohibits applications from directly writing to anything on local or mapped drives unless I want it to.


  • Tom Olzak // December 8, 2008, 12:45 AM PST

    Hamachi is good news for SOHOs, but not so good for the enterprise

    In this post, we'll walk through how Hamachi works, look at some additional free tools you can run over Hamachi connections, and the risk it presents to your business network. We'll close with a few suggestions for blocking its use.


  • Michael Kassner // June 12, 2009, 4:28 AM PST

    Spam: Previous record toppled

    Incredibly, out of every 10 e-mail messages sent nine contain spam and that's a new record. Michael Kassner takes you through the latest statistics.


  • Paul Mah // January 27, 2008, 3:50 PM PST

    Security news roundup: January 27

    Here's a collection of recent security vulnerabilities and alerts, which covers an SQL injection hole found in PHP Nuke, a reboot vulnerability found in Cisco's PIX and ASA, a new version of ClamXav Mac GUI, a report from Microsoft with a report concluding that it has fewer flaws than other modern operating systems, various flaws in Trivoli and WebSphere that have been fixed, and a protocol weakness in Firefox that Mozilla is looking into.


  • Paul Mah // November 28, 2007, 10:01 AM PST

    Securing from the inside: Whitelisting

    In my last post, I talked about the dangers that the humble USB port can pose to the unsuspecting security administrator. I also suggested some possible ways of dealing with this often overlooked vector. This time, I want to talk about one of my suggestions -- whitelisting. It's a technology that's been around for a while now, but it's something that antivirus companies probably don't want you to know too much about.


  • Michael Kassner // August 10, 2009, 9:16 AM PST

    Nigerian 419 scammers: What you didn't know

    Most of us have been solicited by 419 scammers from Nigeria, so we understand how the swindle works. I've wondered about the people behind the con, but never found much written about them. That is until now.


  • Michael Kassner // January 31, 2011, 4:02 AM PST

    Social networking sites: What information will they release about you?

    Michael Kassner takes a closer look at the kinds of information released by social networking sites about members if requested by law enforcement. Concerned? Or is it just the price of online participation?


  • Chad Perrin // June 30, 2008, 8:13 AM PST

    The CIA Triad

    The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the CIA Triad's strengths and weaknesses.


  • Michael Kassner // June 13, 2011, 1:03 AM PST

    Dropbox: Convenient? Absolutely, but is it secure?

    A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?


  • Patrick Lambert // February 27, 2013, 5:00 AM PST

    How to check and configure your browser plugins

    Patrick Lambert offers some basic tips on how to check web plugins in four major browsers.


  • Michael Kassner // June 24, 2013, 1:09 AM PST

    Convenience or security: You can't have both when it comes to Wi-Fi

    Open Wi-Fi networks can be a godsend when you need them. Michael P. Kassner interviews a network-security expert who explains why bad guys like them even more.