Metasploit as the security Mendoza line
If you are in (or near) data security and you haven’t heard of Metasploit, you owe it to yourself to check it out. The RiskAnalys.is blog observes today that Metasploit is the security Mendoza line. I’ll let them explain the analogy for the non-baseball fans in the crowd.
I think I forgot to mention the release […]
Security lessons from MULTICS
Interesting stuff for OS and security-minded people: Thirty Years Later: Lessons from the Multics Security Evaluation. MULTICS was B2-certified and was considered for re-development into an A1 system.
“I’ll pay you for your checking account number”
What if someone said “I’ll pay you for your checking account number.” Would you give that person your information? Probably not.
But a similar question just came up in a conversation with a friend: should you be careful about accepting checks from just anybody? Everyone who writes you a check gets your checking account number and […]
PhoneFactor day!
What a month. I knew June was going to be busy, but I had no idea it would simply disappear on me. But, as a result of all the hard work that my team and I have been up to, I can finally announce the public availability of PhoneFactor 1.0, as of July 2, 2007! […]
One last PhoneFactor post for the weekend
OK, one last post on PhoneFactor, and then I’ll try to get back to regularly scheduled programming.
I finally got a dedicated PhoneFactor blog set up; for those interested, it’s at blog.phonefactor.net. I have had to fight with WordPress 2.2 quite a bit to get all of the feeds working, and I’ll probably switch to FeedBurner […]
Translated version of the Japanese PhoneFactor article
Someone at my office had the bright idea of using Google to translate. Man, I work with some really bright people!
Translated article.
It’s neat.
Wow, what an amazing 24 hours! I’ve been doing everything from coding to PR to writing for the website to… well, you get the idea. PhoneFactor has caused quite a splash already at Interop, and we’ve been getting some really good press out of it.
One of my favorite quotes is this one, from an Infoworld […]
PhoneFactor: Free two-factor authentication for everyone!
After months of development and a couple of years of research and planning, I’m thrilled to announce that Positive Networks is readying its new two-factor authentication service, PhoneFactor, for launch this summer.
PhoneFactor is a phone-based two-factor authentication system. It works like this:
A user enters her normal username and password and logs in
Immediately, the system places […]
What I’ve been up to lately
I’ve been heads-down for the past six months focusing virtually all of my attention on two very special projects.
Tomorrow, Positive Networks will be announcing its newest service to the world: a two-factor authentication service for everyone. Readers of my blog will recognize by now that I’ve never been a fan of usernames and passwords, and […]
Incompetence makes security harder
I just finished a series on how hard security is. Here’s another little anecdote that Matt just sent my way.
It turns out that the National Tap Ensemble, which bills itself as America’s national tap dance company, has been had. Question #6 from their FAQ contains the following nice quote:
This is a professional, highly-respected organization so […]