Blog Archives

Facebook’s Eroding Privacy

A recent New York Times article about Facebook’s ridiculous privacy policy and settings got me to take 15 minutes and lockdown my privacy settings. In the past I’ve taken the time to review my privacy settings but Facebook doesn’t make

Posted in General, Security Tagged with: ,

Lame Credit Card Zip Code Security

Why is it that all gas stations seem to require your zip code to validate your credit card at the pump? Requiring me to type my zip code is a poor user experience and extremely poor security. According to the

Posted in Security Tagged with: ,

Expand URL

The popularity of short URL services, like and, has grown due to the character limits of Twitter. These services pose a security risk because they could be used to conceal the addresses malicious sites. Users are being taught

Posted in Computers, Hacking, Security Tagged with: ,

Dead Relative Left Me Millions

I got an email today from an advantageous SPAMer. Apparently, I have $11.5 million dollars coming to me. I found it interesting that this email had a disclaimer at the bottom.  These guys are getting creative. At first glance the

Posted in Computers, Security Tagged with: ,

The CISSP is not a technical certificate…

Here is a great article write by Martin McKeay check it out… Repeat after me, “The CISSP is not a technical certificate, it’s a management certificate” I’ve held my CISSP for coming on 5 years now.  I earned my CCNA

Posted in Security

Structured Query Language – SQL Injection

A major attack vector web programmers sometimes forget about is input cleansing. If user inputs are not cleansed prior to submitting the data to the SQL server attackers can submit malicious code to the server. This code can make the

Posted in Hacking, Security Tagged with:

Security Hole

The other week I found a major security hole in one of the systems at work. I notified my manager who then notified the correct people. I am waiting to see if this issue gets resolved. So far I have

Posted in General, Security Tagged with:

How to Create a Security Team for $4.95, Plus Tax – Security Catalyst

Fun Article from the Security Catalyst. Full Article Here. In addition to getting to break things in order to help our customers prevent assorted miscreants from doing so, one of the many hats I wear at QuietMove is the amorphous

Posted in Security

How To Not Catch Terrortist – Bruce Schneier

Great article by Bruce Schneier title How To Not Catch Terrorist. Click here for the article. “Data mining for terrorists: It’s an idea that just won’t die. But it won’t find any terrorists, it puts us at greater risk of

Posted in Security

Principle of Least Privilege

The Principle of Least privilege simply put requires that in a computing system every process, user, and program must be able to access only information and resources that are necessary to its job duty. The principle of least privilege was

Posted in Computers, Security