Albert Zenkoff Post list
Dump anti-virus and move to secure-by-design?
- Albert Zenkoff
- 2013-10-15
- Society, antivirus, economics, externalities, infection, malware, mobile, ROI, secure by design, security investment, virus
I stumbled across an article this morning that analyses the threat to the mobile devices from malware and comes to the conclusion that it is not likely a good idea to have an anti-virus on your mobile. The premises are that only a very few of the mobile devices are currently infected, so the conclusion ...
Read More
Security Assurance vs. Quality Assurance
- Albert Zenkoff
- 2013-10-02
- Management, Development, philosophy, process, Quality Assurance, Security Assurance, software design, software security
It is often debated how Quality assurance relates to Security assurance. I have a slightly unconventional view of the relation between the two. You see, when we talk about the security assurance in software, I view the whole process in my head end to end. And the process runs roughly like this: The designer has ...
Read MoreSecurity Breach at Unique Vintage
- Albert Zenkoff
- 2013-09-27
- Management, breach, credit card, customer information, exposure, news, rules, security diligence, user information, web
There is news that women’s clothing website Unique Vintage has sent notifications to the customers that the site has been breached and the customer information was exposed. What is interesting is that the website is fully PCI compliant, i.e. it follows all rules for security set forth by the credit card industry. And still, it ...
Read MoreUser Data Manifesto
- Albert Zenkoff
- 2013-09-20
- Society, cloud, control access, general, initiative, manifesto, own data, philosophy, privacy, private data, storage, transparency
Having a confirmation that the governments spy on people on the Internet and have access to the private data they should not sparked some interesting initiatives. One of such interesting initiatives is the User Data Manifesto: 1. Own the data The data that someone directly or indirectly creates belongs to the person who created it. ...
Read MoreIn the news
- Albert Zenkoff
- 2013-09-12
- Society, BlackBerry, give up privacy, Google, internet, mobile phone control, moral obligation, news, NSA, privacy, protection, Vint Cerf
I do not often want to comment the news so today is a special day. The first piece is an article on the popular subject of NSA Web Surveillance quoting some well-known people starts off on a good direction but gets derailed somehow into recommending obscurity for security. Strange as it is we really should ...
Read More
Nokia is gone. So is mobile security.
- Albert Zenkoff
- 2013-09-06
- Society, Apple, Google, inevitability, Microsoft, mobile, Nokia, NSA, orchestrated takeover, privacy, surveillance
The recent acquisition of Nokia by Microsoft stirred up investors and Nokia fans. But, the question goes, what does it have to do with security? (Not) Surprisingly, a lot. Working in security makes people slightly paranoid over time, that is a fact. On the one hand, without being suspicious of everything and checking all strangeness ...
Read MoreWhat are NFC cards and how are they protected?
- Albert Zenkoff
- 2013-06-18
- Technology, contactless smart cards, countermeasures, embedded, ISO 14443, NFC, NFC cards, perfect security, Physical security, protection, security, smart card security, smart cards, sony felica, wireless
Ever since I posted an initial article “Hack NFC Door Locks” I see a steady stream of people that come with queries like “what’s the protection of an NFC card” and “how do you hack a protected NFC card”. Obviously, there is something out there interesting enough for people to begin inquiring. What is an ...
Read More
Password recovery mechanisms – Part 3
- Albert Zenkoff
- 2013-05-22
- Technology, advice, captcha, Development, general, guidance, guide, password management, password recovery, passwords, rules, software, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read MorePassword recovery mechanisms – Part 2
- Albert Zenkoff
- 2013-05-21
- Technology, authentication, Development, general, guidance, guide, password database, password management, passwords, rules, secondary channel, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read MorePassword recovery mechanisms – Part 1
- Albert Zenkoff
- 2013-05-21
- Technology, authentication, Development, dumpster diving, general, guidance, password management, passwords, protection, rules, secret questions, security design, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read MoreAbout the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.
Share and stay updated
Share and stay updated
About the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.