Archive for August, 2010

BlackHat 2010: Day 1

I’ve just returned from a trip to BlackHat Briefings USA 2010 and DefCon 18. As always, it was an enjoyable week in Las Vegas learning about the latest research, networking with the surprisingly small world of security professionals, and generally having fun hanging out with a lot of interesting people with the hacker mindset. BlackHat […]

attacks, authentication, crypto, industry, mitigations, products

The Trouble With Fighting Your Users

Companies like Apple that try to control devices purchased by end-users create their own serious security problems. It turns out that Apple trying to protect itself from you makes you vulnerable to attackers. Apple doesn’t want you to run anything on your phone that they didn’t approve. But of course, customers want to run whatever […]

attacks, industry, risk, society

Secure Use of Cloud Storage

At BlackHat Briefings USA 2010 in Las Vegas this year, I presented a session entitled “Secure Use of Cloud Storage,” covering ways that developers can use and misuse cloud storage systems like Microsoft’s Windows Azure Storage and Amazon’s Simple Storage Service (S3) and SimpleDB. While the released versions are available on the BlackHat official website, […]

attacks, mitigations, SOA/XML