Security Blog

The company that I founded many years ago in California became famous for creating data security tools. Later on, I helped to create one of the most widely distributed biometric security standards in the world, and since then I have continued to work in the field of information security. In these posts I will focus on the theme of “security,” not only in the limited sense of contemporary IT security, but as part of a broader concept of risk management that is visible throughout history and across the natural world.

Weak signals or willful failure to perceive them?

The following is a speech I gave at this year's World Economic Forum in Davos, Switzerland. The theme for this year's Davos was “Resilient Dynamism,” and I thought it worked well with the topic “Weak Signals” that I was about to discuss. Actually, in a perfect world, the following was the speech I was supposed to give; however, I wasn’t allowed to use notes or a teleprompter, so the actual presentation turned out to be what I remembered of the text below: Reducing loss from natural disasters – Weak signals or willful failure to perceive them? I’d like to challenge the proposition that the notion of “weak signals”


In 1993, there was a famous New Yorker cartoon that showed a dog telling another, “On the Internet, nobody knows you’re a dog.” While the artist Peter Steiner didn’t give the quote much thought when he wrote it, he unwittingly focused on the key strength and weakness of the Internet. Privacy and anonymity may allow for social and business well-being, yet authentication is essential in a digital world. Authentication is about the continuity of relationships. It helps us to determine who to trust and who not to trust. In fact, in our everyday lives, people authenticate dozens of times a day in the same way animals, plants and even viruses (the


Information security threats

This page includes various examples of PC-based and not-so-obvious non-PC-based attacks that have actually happened recently around the world. Computers now pervade every facet of our lives. Sometimes people forget that many daily appliances (e.g., refrigerators) and consumer electronics (e.g., TVs) now contain very sophisticated computers that can be compromised. Please revisit this page from time to time, as I will continue to update it with other interesting examples. First of all, security threats can be broken down into three general categories, and products designed to be “secure” need to be able to address and cope with each of these situations. Physical threats – natural disasters, such as “acts of god,”


Security Blog

Due to popular demand, I have broken out the security portion of my blog and created a separate dedicated site: http://security./. I hope to create a repository of information security tidbits so that people can have a better understanding of how difficult “real security” is.  This blog/repository will be a place where I add things from my experience in information security and hope, over time, it will become a reference for those who don’t want to repeat common mistakes. Obviously, I welcome all comments and would like to improve the content through interactive dialog.


Hacker sentenced to 20 years

It used to be that when a hacker stole money from a bank via the internet and got caught, the sentence was a lot less than that of a robber going into a physical bank and holding it up. The sentencing of computer hackers has finally caught up with the modern era. As I have mentioned in a recent blog, online thefts have doubled in the last year to over half-a-billion dollars. During the same period, bank robberies (the physical kind) only took in $9.5 million or about 1/50th. However, the sentencing for hackers (considered a white-collar crime) was only a few years (if any) while bank robbers usually got over five. Granted, many
