schneier

Wanna privacy then be alone

Taking into account recent revelations with Edward Snowdenand government surveillance programs I’ve started to thinking that maybe I should ditch my email provider and host it on my own server. It’s definitely not good when somebody is reading your emails, even if you’re innocent. Or maybe especially? OK, so I would host my own email server and then what. Well, nothing. All my friends and family members are using Gmail or other email services from big companies.

Oh master, why you... are boring (Liars and Outliers)

I value Bruce Schneieras security expert. I love his blog. I like that he’s not fast to make opinion and analyzes everything thoroughly. I’ve enjoyed his book Secrets and Lies: Digital Security in a Networked World. And as he advertised his last book, Liars and Outliers: Enabling the Trust that Society Needs to Thrive, a lot, I’ve decided to give it a try. It was easier decision to me as it’s available on Safari Books Online.

Security failures - flashback

I’ve read very interesting text about 3D movie projectors used by cinemas and how bad security design led to worse end-user (viewer) experience. You can find full text here. But I want to write about something I’ve recalled after reading this text. Few years ago I was working at call center for major Polish telecom (TP SA). I was help-desk for ADSL service called Neostrada. We were divided into two groups:

I'm translator baby!

Well, actually not. But as I’m a fan of Bruce Schneierand TEDI’ve wanted to do something to support them. So I’ve translated subtitles for Schneier’s talk about Security Mirageinto Polish. And reviewer needed to fix only few issues, mainly punctuation:)

Nightmare of helpdesk

Today I’ve read article by Bruce Schneier about conception of Internet Quarantines. Scott Charney from Microsoft gave an idea that computers in Internet should be quarantined if they’re infected by malicious software. This method is used by many companies when you want to connect via VPN to their networks. Bruce gave it deep and worth reading analysis so I wouldn’t rewrite what was written already. From my point of view the idea would be especially bad for one group of people, helpdesk personnel at ISP.

My bank is learning from Schneier, but isn't good student

Bruce Schneieris the person well known to everybody interested in IT security. Recently he published blog postabout why two-factor authentication is not solving all security problems. For those who don’t know what this term means, two-factor authentication is basically system where first you’re giving your “constant” password (password which doesn’t change), then if you’ve provided correct password system is sending you another one which is generated for you just for this single use (this password can be generated also by some small device provided to you by system admin).