“Design Patterns” for Identity Systems

September 18th 2008

These are design patterns in the Christopher Alexander sense rather than the object oriented design sense: they address the physical and network environment rather than focusing on software abstractions. The patterns were introduced in my book Authentication.

There are four patterns: local, direct, indirect, and off-line.

Continue Reading »

Posted under Information Security | No Comments »

Finally - fixing the updater vulnerability

August 4th 2008

One of my personal nightmares is in the automatic software updating mechanism that infests every significant modern software package. It’s a huge vulnerability.

Many vendors ignored the problem because they hadn’t seen a real exploit. In a recent article, Security Fix tells of a researcher in Argentina who has implemented a sample exploit, so vendors are (finally!) paying attention.

In these days of commercialized hacking, it makes sense to armor plate the whole software distribution pipeline. It’s about time people started paying attention.

Continue Reading »

Posted under Information Security | No Comments »

Desktop changes = Microsoft disaster

May 30th 2008

Ray Ozzie was talking at a conference, reported on by Mary Jo Foley in which he briefly compared the risk to Microsoft by Google and open source. The report also talks about Microsoft’s “culture of crisis.” I think the culture of crisis is the key to their success. Bill Gates was always identifying threats and demanding action: that’s how he kept the company energized even as it grew huge.

Of course, Microsoft is burning their own bed regarding open source. A lot of people stay with Windows because it is familiar and they are afraid of the alternative. They’ve learned how to use XP (which was pretty similar to 2000, and 98, and so on) and it’s easy to just keep using it. Then they arrive at Vista and everything is different! Menus hidden and holding different info. Start menu is radically different. Window frames are completely different.

In other words, at least 80% of computer users could switch from Windows XP to Ubuntu and not suffer any worse than if they’d switched to Windows Vista. Probably the same is true for the ‘upgraded’ Office product versus Open Office.

Continue Reading »

Posted under Household Tech | No Comments »

Death of the mouse?

May 30th 2008

So Bill Gates claims the mouse will be replaced by touch screens.

I’m not so sure myself. Continue Reading »

Posted under Household Tech | No Comments »

Next »