In these post-September 11 days, when we think of airline security, we tend to think about screening passengers for weapons and using technologies such as CAPPS (the Computer Assisted Passenger Pre-screening System) to determine a threat assessment for each passenger. However, on a recent flight to Chicago, as I watched the people around me break out their laptops and plug into their MP3 and DVD players as soon as we reached cruising altitude, it occurred to me that there are many types of security

I love my Pocket PC. That wasn't always the case. I've always WANTED to love them, always loved the concept of the handheld computer, but for the longest time I just couldn't. I bought a couple, always with high hopes -- but found myself abandoning them after a month or so. I liked the functionality: calendar, contacts, copies of my e-mail, ability to read and work on Word or Excel documents. But the old PPCs reminded me of the problem that police officers had with the sophisticated PR-24 sidehandle

The “blame the victim” mentality is prevalent in many facets of society today. Cities pass ordinances that make it an offense to leave things of value in view inside your vehicle, lest some just-in-time thief be tempted and break in to take it. Victims of motor vehicle burglaries are astonished, when they report the crime, to find themselves receiving a ticket. Blaming the victim is an attitude that's seeping into the computer security arena, as well, in several different forms. I recently

There seems to be an assumption, at least on the parts of less tech-savvy parents, that all kids are computer whizzes. After all, the parents often have to call on their teenagers or pre-teens to figure out how to operate their own computers. In many cases, it's true that today's youngsters, who literally grew up with computers, are able to pick up on technology faster. But that leads to another assumption: that because the kids know how to use the computers, they also know something about protecting

It's been a crazy couple of weeks, first last week with Tom off to TechEd (representing us both this time -- to all those I missed out on seeing, my regrets and hopes that next year I'll get a chance to be there too) me holding down the fort here. Then this week we've been battling Mother Nature, with the Dallas-Ft. Worth area being pounded by storms almost every night. We spent one evening couped up in our “safe room,” a small bathroom in the middle of the house downstairs, with tornado sirens going

The push has been on in the U.S. since the 2000 elections to replace old paper and punchcard ballots with electronic voting systems, but as the 2004 elections draw closer, serious questions are being raised about the security of the new systems, many of which include no paper trail and no way for voters to verify that their votes were recorded correctly. It's interesting that, in many cases, it's those who make their livings working with computers who are most worried about the idea of voting by

Today on CNN.com, I clicked the link to read Time Magazine's “Builders and Titans” report, which purports to be a list of those business people who have created successful businesses and/or championed established ones and have had a significant influence on shaping society. In going down the list of 20, I saw a number of names that are familiar to those in our field: Michael Dell, Steve Jobs, Carly Fiorina. What I didn't see was any mention of Bill Gates. Oh, well, I guess the World's Largest Software

Biometric security has been a source of contention on many levels. On the surface, it sounds like the perfect solution to the problem of identity theft. After all, there are a number of physiological traits that are more or less unique to individual human beings. And those prone to forgetting passwords or leaving their smart cards at home aren't apt to leave the house without their fingerprints or forget their retinal patterns. However (there's always a “however”), nothing is perfect and biometrics

It looks as if this summer the IEEE will finally approve the standards for 802.11i. That's the wireless security standard that is based on RSN, which uses AES (the protocol formerly known as Rinjdael) and a 128 bit encryption key to provide better security. WPA, another new wireless security standard adopted by the Wi-Fi Alliance, can be implemented by upgrading the client software for many current wireless devices. Deploying RSN is a bit more complicated, since it will require hardware devices with

The article on Application Layer Filtering (ALF) that I wrote for Windowsecurity.com has just been reprinted by SecurityProNews over at http://securitypronews.com/2004/0505.html . There is a lot of interest in ALF these days, and no wonder -- the ability to filter at the application layer not only helps prevent attacks that exploit application layer protocols, but is also a key element in filtering for spam at the firewall, which takes some of the load off your mail server or spam filtering server