Category: Information Security


Security in the news – June 2010

This last week, I had an embarrassing moment when my Facebook account started posting weird “Likes” (in my case, “97 Hottest Women in the World 😀 :: on” – seriously, not my interest), which claimed that I endorsed the site. What makes things worse, in an SNS environment like Facebook, your network of friends supposedly share the same interests, ideals and trust, so there is a higher tendency that your friends will further click on these links based on a “Like” endorsement. I was only made aware of this “Like” link because a friend happened to comment on my


What is Information Security?

As I have mentioned before, security is nothing new. The basic tenets of information security are well defined and only articulate, in digital terms, what many of us do in a variety of transparent and automatic ways. By breaking down security into its constituent components, I believe it’s easier to design these components into our modern day electronics so that they are not only easier and more convenient, but more secure because of it. Protecting the confidentiality, integrity and availability of information are the main objectives of information security; however, when implementing a product, service or system to the marketplace,


In 1993, there was a famous New Yorker cartoon that showed a dog telling another, “On the Internet, nobody knows you’re a dog.” While the artist Peter Steiner didn’t give the quote much thought when he wrote it, he unwittingly focused on the key strength and weakness of the Internet. Privacy and anonymity may allow for social and business well-being, yet authentication is essential in a digital world. Authentication is about the continuity of relationships. It helps us to determine who to trust and who not to trust. In fact, in our everyday lives, people authenticate dozens of times a



Biometric technology is a form of authentication used increasingly in everyday life. From taking your fingerprint at immigration to having it as a default feature in Windows 7 (which I was personally responsible for), biometric technology is increasingly used as an alternative to passwords and smart cards. Biometrics is defined as “automated methods of identifying or authenticating the identity of a living person based on a physiological or behavioral characteristic.” Or more simply, it relies on attributes of the individual instead of things the individual may have or know. The history of using biometrics actually goes back many centuries: Genesis



In the early days (pre-commercial internet) of computers, people often wrote their own software and sold it via floppy disks, or it was downloadable via telephone-based bulletin board systems (BBS). While the internet existed, it was mostly for academic (.edu), military (.mil) and some government (.gov) use, and was generally off limits to the general public (.com). Some of these people set up BBS in their homes and had many telephone numbers call into their board via modems. Here people exchanged software for other pieces of software and/or downloaded “shareware” applications where users were “guilted” into donating money for the