I have often written about episodes where security fails, even in cases when it should not have, had basic good practices been followed. So one might ask, ‘why don’t we hear about many success stories?’ A reason for that is …

Recently I came across two different stories that made me wonder why companies fail to take security seriously until after they fall victims to attacks. The first story, as reported by The Register, reports system failure as being the number …

One of the most hated security policies is that of asking users to have different passwords for each different service they make use of. Many see this as unnecessary because they reason that if their chosen password is strong enough …

While the return on investment (ROI) can be quite clear cut in certain cases, such as in business sales where statistics can demonstrate whether there was an increase or not, there can be cases where a system is helping increase …

After being involved in security for a while it’s natural to see certain threats without even thinking about it. Sometimes you wonder whether you’re being paranoid or if you’re being pessimistic but then something happens and you realise that maybe …

When it comes to monitoring employee internet usage, employees are usually quite hostile to the idea even though it is in their best interest as much as it is for the business. Employee internet monitoring is generally seen as a …

Recently I wrote an article highlighting steps to take if you provide public computer access to your customers to ensure their security. The news then broke out that hardware key loggers were found at public libraries in Manchester. Public libraries …

Recently an interesting story broke out where Theo de Raadt (OpenBSD project Manager) received an email from Gregory Perry, former CTO of NETSEC claiming that about 10 years ago the FBI paid developers working on the IPSEC implementation of OpenBSD …

Following a comment by one of our valued readers, Patrick, I decided to write an article about Sniffing because the subject is way too broad to discuss via comments. Patrick mentioned an event which happened recently. A Chinese Telecommunications company …

Security can be very controversial at times, especially when it seems that security is throwing logic out of the window. Security is sometimes applied in a scenario when logic would dictate that it’s not really needed. Is this a good …