I've been reviewing histories of cryptography recently and here's an interesting thing about pre-computer encryption: it's almost entirely used for communications security. People encrypted messages, but they rarely encrypted documents.
I've finally found a few real-world cases: encrypted diaries. BBC actually did a short segment on them last summer. But I'm still looking - there must be other cases where someone needed to keep some long-term data secret from prying eyes.
Two things about my computer use over the past decade: 1) I've been moving all of our family mementos (mementi?) to digital form, and 2) I've become a total klutz about mass storage. A disaster in the making? Almost, but not quite. I've spoken earlier about using RAID on my Mac Pro, and now I'm using RAID with my Time Machine storage. I use my drive swapping trick to create backups, and keep the backup off-site.
While performing the drive swap, I managed to smash my working OS X system partition. Thus, I got to experience first-hand the process of recovering my system from my Time Machine backup. Here's the report.
[UPDATE: Since the original posting, I've found more brittleness in the restored Aperture directory and I've been negotiating a truce between Paragon's NTFS and my NTFS-formatted portable USB drive. Sides are still not quite on speaking terms.]
Verizon's security blog has published a summary report of data breaches investigated by their security team. The report covers 500 security breaches they investigated between 2004 and 2007. There are a lot of graphs and tables summarizing threats and impacts.
The authors sensibly point out that this is based on a limited sample, but it's great to see this sort of report.
Here is a terrific (but depressing) article by Saul Hansell explaining how the Wall Street meltdown was fueled by feeding nonsense to the risk management systems in the big investment houses.
The systems did not have models of those weird derivative instruments being traded, so traders would say they were trading a generic (safe, well-understood) loan instrument. So the systems did not really model the risk.
I find this really heartbreaking. I have to believe some people behind the scenes knew what was going on, and I can imagine them losing the argument with their bosses when they tried to fix things.
Will Norris is working on a revision to OpenID for WordPress. This is good, and I have some observations and suggestions. At the moment the OpenID plugin works pretty well - I have separate logins delegated through domains I own. I routinely log in through OpenID for both routine and administrative activities.