I must have been very nice last year, because Santa brought me a Sonos Connect Wireless HiFi System and Network Attached Storage (NAS) with Wake-on-LAN for Christmas. This particular combination of hardware can mean only one thing: I will spend the waning days of 2012 and the beginning days of 2013 ripping my entire CD […]
Technology & Nature – Perfect Together?
The ongoing recovery from Sandy’s devastating impact from the Caribbean to the East Coast of the U.S. – particularly New Jersey and New York – highlights for me the complex relationship between nature and technology. Satellite technology and meteorology were vital in predicting the storm and undoubtedly saved lives. No matter the accuracy of the […]
End-to-End Encrypted GMail? Not So Easy
Last week Julian Sanchez urged Google to offer end-to-end encryption for GMail, so that your messages would be known to you and your browser (and your email correspondents) but not to Google itself. Julian explained why this would be a positive step for users and, arguably, for Google itself. Let’s talk about what would be […]
You found a security hole. Now what?
The recent conviction of Andrew “Weev” Auernheimer for identity theft and conspiracy has renewed interest in the question of what researchers should do when they find security vulnerabilities in popular products. See, for example, Matt Blaze’s op-ed on how the research community views these matters, and Weev’s own response. Weev and associates discovered a flaw […]
What happens when responsible disclosure fails?
The topic of how to handle security vulnerabilities has been discussed for years. Wikipedia defines responsible disclosure as: Responsible disclosure is a computer security term describing a vulnerability disclosure model. It is like full disclosure, with the addition that all stakeholders agree to allow a period of time for the vulnerability to be patched before […]