My Best From ZDNet

Here are the stories I wrote for ZDNet over the six months of which I am most fond. In many cases, the ones I worked the hardest on and like the most did poorly in traffic. C’est la vie.

2015: Year of the Windows renaissance?
December 23, 2014
After largely avoiding Windows 8, I really got to like Windows 8.1. When Windows 10 comes along I’ll feel a lot better about it and so, I suspect, will everyone else.

Congress blocks ICANN transition. Good.
December 17, 2014
The “Cromnibus” budget bill blocks the Obama administration’s plans to relinquish control of Internet domain name and address administration. We’re all better off this way.

Microsoft update blunders going out of control
December 15, 2014
[UPDATED] We have had an absolute deluge of problem updates from Redmond recently and some have been serious. What’s up at Microsoft?

FCC broadband reclassification will cost consumers
December 8, 2014
A study shows that Title II reclassification of broadband in pursuit of net neutrality brings with it federal, state and local fees that would be over $100 per year in many areas.

Hacked Windows XP still updates, still a bad idea
December 3, 2014
Yes, you still can trick Microsoft into giving you security updates for Windows XP. No, it’s not a good idea. You are not protected.

Give thanks they haven’t forced net neutrality yet
November 26, 2014
Worse than a solution looking for a problem, the campaign to regulate ISPs aggressively is based on lies. Netflix and one transit ISP were the source of performance problems earlier this year.

Why are there more browser vulnerabilities these days?
November 11, 2014
UPDATED. I ran the numbers and vulnerabilities in browsers are up this year, as is their severity. We know more about this for Internet Explorer because Microsoft provides the most data.

Mobile app permissions: Who does it right?
October 28, 2014
Apps running in mobile operating systems must get permission from the user for all sorts of things. This can be confusing. Do some do it better than others?

Effective security techniques we don’t follow enough
October 22, 2014
In almost every security incident there’s some best practice that someone didn’t follow. Here are six security technologies and techniques that would help in these cases.

When POODLEs attack, IPS and NGFW are your first defense
October 16, 2014
At times of crises like POODLE, Heartbleed and Shellshock, a good network IPS often provides effective protection long before it’s practical to have systems patched.

Don’t blame Dropbox: It’s all your fault
October 14, 2014
If Dropbox is correct that the Pastebin file of passwords were all reused from other services then they are innocent. The users involved are guilty of laziness.

Wi-Fi Passpoint polishes provisioning, policy
October 8, 2014
The Passpoint specification for seamless and secure wireless network authentication now has on-the-spot provisioning and more operator policy control.

Passpoint: Why all the no-shows?
October 9, 2014
Most of what’s broken with Wi-Fi is fixed with Passpoint. So why are so many important companies on the sidelines?

Isn’t Apple a Leader in Security?
September 8, 2014
The iCloud hack has cast Apple in a poor security light. Yes, the company dropped the ball on this one, but it is a leader in many other ways.

Google accelerates end of SHA-1 support; certificate authorities nervous
September 2, 2014
UPDATED. Google is consciously using their influence to push certificate authorities to advance security standards soon. Would you believe the problem is Windows XP SP2?

Six Clicks: Two factors are better than one
August 22, 2014
Time and again we write about security breaches that would have been prevented by two-factor authentication. What are the ways people do this in the real world?

California court mandates BYOD reimbursement
August 19, 2014
An appeals court rules that, under CA labor law, employee use of personal cell phones must be reimbursed, even if the employee has an unlimited or flat rate plan.

Ferguson: Another case for public security cameras
August 19, 2014
The benefits are large and the privacy concerns are phony. Police should have cameras on them and the more cameras in public places, the better.

Snort on home routers – what a great idea
August 18, 2014
Itus Networks is building a router that has the Snort IPS built in. Why isn’t everyone doing this?

Security fails without usability
August 15, 2014
When you make security hard to use, users look for a way around it. That’s why efforts to make the Internet more secure must be held to a high usability standard.

The billion dollar web site you paid for
August 13, 2014
Whoever heard of a pure IT project that cost a billion dollars to build (so far)? A GAO investigation goes deep into just how bad the process of building HealthCare.gov was.

Passwords are key when firing employees
July 22, 2014
Many companies don’t do all they should to secure the company from a potentially hostile former employee. Without the right tools it can be hard.

Conficker: Still spamming after all these years
July 3, 2014
How pathetic is the security in many enterprises? Almost six years since the patch to stop it was issued, Conficker is still one of the most common threats.

OpenSSL describes its own sad state of affairs
July 2, 2014
On the road to recovery from the devastation of Heartbleed, the OpenSSL project has made a searching and fearless moral inventory of itself.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: