Thanks to my former publisher, Addison-Wesley nee-Pearson Education, I can post several chapters of my favorite writing project: Authentication: From Passwords to Public Keys. I’m including these chapters as material for the Cloud Cybersecurity course I’m doing at the University of Minnesota for Coursera.
The book was published in 2001, and it’s based on solid, well-documented technical concepts. Everything is sourced through the “Notes” and “Bibliography” sections. Authentication captures the 2001 technologies very thoroughly. For many people, that’s as much authentication technology as they ever see.
Continue reading Authentication Chapters Online
I sympathize with developers who throw up their hands and say, “I don’t do security stuff.” No matter what you choose, there’s a trade off that could go wrong. It’s especially troublesome if one deploys a “security website.” I’ve deployed security education websites in many environments over the past 20 years, and I rarely achieve the security level I’d like.
I wanted to watch a security webinar today. But the webinar requires Adobe Flash, in which security researchers seem to uncover 1 or 2 vulnerabilities a month. I discarded Flash when upgrading my OS a couple years ago. It’s ironic that a security webinar might tempt it back onto my machine.
Continue reading Tiptoeing Through Vulnerabilities