What`s New
Biometrics – any good?
- Albert Zenkoff
- 2012-07-20
- Technology, authentication, biometrics, identification, philosophy, security, technology, tracking
I think I already talked about this subject previously but not here. Anyhow, the subject bears repeating. Many go “yippee!” at the mention of biometrics and start to think their user authentication problem is solved. Do not pay attention, they will end up in the newspaper headlines fairly soon, either for massive security failures or ...
Read MoreKeep it simple – user names
- Albert Zenkoff
- 2012-07-18
- Technology, Login, random, rules, user id, user information, user name
All right, now after the lengthy discussion on user names and ids let’s have some simple rules: Do not use sequential numbers for user ids. Do use random numbers for user ids. Do not use any scheme for user names that ties (semi-)public user information to the user name. Use user nicknames (aliases) if “natural” ...
Read More
What’s in a name?
- Albert Zenkoff
- 2012-07-17
- Technology, good name, rule, selection, unpredictable, user id, user information, user name, user names
Here is something quite interesting. Nobody ever considers the user names. They are just sort of “given”. Well, are they? Most of the time, they are not. They are assumed and designed into the system one way or another. And they can have an impact on security. An old saying goes that a secure Windows ...
Read MoreWhy bother?
- Albert Zenkoff
- 2012-07-15
- Management, inevitability, management, philosophy, security
Hmm… Good question… Well, let’s get this straightened out before we jump into other interesting subjects. Every single website and application, every single computer system gets broken into. For fun, money, fame, accidentally. This is just the way it is and I have to accept this as the current reality. I may not like it ...
Read MoreWelcome to “Holy Hash!”
- Albert Zenkoff
- 2012-07-14
- General, basics, fun, general, lighter side, security, why
This is a lighter software security blog. I start it now mainly because of two reasons. First, something has to be done. The recent break-ins at the likes of LinkedIn and Yahoo show that even at the large companies people do not understand the basics of security. By looking at what is proposed and advised ...
Read MoreAbout the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.
Share and stay updated
