Archive for August, 2010

0

BlackHat 2010: Day 1

Posted at August 12, 2010

I’ve just returned from a trip to BlackHat Briefings USA 2010 and DefCon 18. As always, it was an enjoyable week in Las Vegas learning about the latest research, networking with the surprisingly small world of security professionals, and generally having fun hanging out with a lot of interesting people with the hacker mindset. BlackHat [...]

attacks, authentication, crypto, industry, mitigations, products
0

The Trouble With Fighting Your Users

Posted at August 10, 2010

Companies like Apple that try to control devices purchased by end-users create their own serious security problems. It turns out that Apple trying to protect itself from you makes you vulnerable to attackers. Apple doesn’t want you to run anything on your phone that they didn’t approve. But of course, customers want to run whatever [...]

attacks, industry, risk, society
0

Secure Use of Cloud Storage

Posted at August 3, 2010

At BlackHat Briefings USA 2010 in Las Vegas this year, I presented a session entitle Secure Use of Cloud Storage, covering ways that developers can use (and misuse) cloud storage systems like Microsoft’s Windows Azure Storage and Amazon’s Simple Storage Service (S3) and SimpleDB. While the released versions are available on the BlackHat official website, [...]

attacks, mitigations, SOA/XML