Author Archive
BlackHat 2010: Day 1
I’ve just returned from a trip to BlackHat Briefings USA 2010 and DefCon 18. As always, it was an enjoyable week in Las Vegas learning about the latest research, networking with the surprisingly small world of security professionals, and generally having fun hanging out with a lot of interesting people with the hacker mindset. BlackHat [...]
The Trouble With Fighting Your Users
Companies like Apple that try to control devices purchased by end-users create their own serious security problems. It turns out that Apple trying to protect itself from you makes you vulnerable to attackers. Apple doesn’t want you to run anything on your phone that they didn’t approve. But of course, customers want to run whatever [...]
Secure Use of Cloud Storage
At BlackHat Briefings USA 2010 in Las Vegas this year, I presented a session entitle Secure Use of Cloud Storage, covering ways that developers can use (and misuse) cloud storage systems like Microsoft’s Windows Azure Storage and Amazon’s Simple Storage Service (S3) and SimpleDB. While the released versions are available on the BlackHat official website, [...]
DefCon 18 Schedule
If you happen to want a machine-readable (e.g. XML or iCal) version of the DefCon 18 schedule, my lovely wife made one which I’ve posted one on Google Calendar: XML iCal HTML This is accurate as of 7/27, so be aware that more recent schedule changes may not be reflected! I’ll be attending the conference, [...]
Google SSL Search
Google has added the ability to access their search engine via SSL. The interface couldn’t be simpler — you just go to https://www.google.com instead of http://www.google.com. The news media has been quite favorable to this — after all, search queries are at least semi-private in that you might not want your employer or neighbors to [...]
