Thanks to my former publisher, Addison-Wesley nee-Pearson Education, I can post several chapters of my favorite writing project: Authentication: From Passwords to Public Keys. I'm including these chapters as material for the Cloud Cybersecurity course I'm doing at the University of Minnesota for Coursera. The book was published in 2001, and it's based on solid,... Continue Reading →

Tiptoeing Through Vulnerabilities

I sympathize with developers who throw up their hands and say, "I don't do security stuff." No matter what you choose, there's a trade off that could go wrong. It's especially troublesome if one deploys a "security website." I've deployed security education websites in many environments over the past 20 years, and I rarely achieve... Continue Reading →

Create a website or blog at WordPress.com

Up ↑