security theater
Rational Astrologies and Security
John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security way that designers can spend their security budget: on making their own ...
Finally! Windows to Block Password Guessing — by Default
Brute-force guessing of Windows credentials is a common entry point for hackers. After 27 years, Microsoft is finally fixing the dumb default that allows it ...
Why Vaccine Cards Are So Easily Forged
My proof of COVID-19 vaccination is recorded on an easy-to-forge paper card. With little trouble, I could print a blank form, fill it out, and snap a photo. Small imperfections wouldn’t pose ...
More Musings on Reverse Security Theater and “Security Signalling”
“Security theater” (a term widely attributed to Bruce Schneier) “refers to security measures that make people feel more secure without doing anything to actually improve their security.” This concept essentially denotes fake, ...
Trust Nothing if You Want Real Security
As I looked over the schedule for Check Point’s CPX 360 conference, one keynote session jumped out at me, not because of the topic but because of the name of the presenter: ...
