Are you prepared to deal with non-humanity?

Interesting how the media changes the world, the perception of the world. Just recently, until the nineties, the media (movies, really) was all about defending the Earth against an invasion by some other “thing”, be that Terminator, Aliens, or Martians Attack. Humanity all stood as one and some heroes emerged from within to fight the enemy and defend humankind from extermination. People showed bravery and heroic abandon in this fight, demonstrating how much they value Life over their own life.

Since the nineties, we see more and more of the other kind – humanity is fighting against some enemy that is either external to it or grows from within. The people are weak though and cannot fight the enemy on their own. Now, there is always some external power, be it the Mutants, the Autobots or the Fantastic Four, that saves the day while humans scream and cower in terror. The heroes are always non-human in some way.

What does it teach us?

  1. We are weak and in the future war we cannot resist the might of the invaders,
  2. So all the humans can and should be prepared to do is cower in a remote corner and weep and that’s okay, because
  3. There is some other form of life that will save us.

Lesson: be prepared to discover the monsters in your midst, compared to whom you are nothing, but do not get too aggravated because some of them are actually going to protect you from harm out of purely altruistic motives. Great state of mind, eh?…


A security blog – to be or not to be?

I have been toying with the idea of starting a security blog for some time now. Today, again, I was talking to my colleagues and at least one of them thinks it is a great idea.

I always look with horror at what passes as security “features” proposed to the people who just start writing websites. The frameworks are no better; they usually have a long-outdated set of functions. Or some of them are defective by design. And there seems to be no place on the whole Internet to turn for help. You would not e-mail Bruce Schneier every time you need to make a password hash, would you?

So I think there must be a place where people can turn for some information on how proper security is built. How user authentication should be set up, how passwords are stored, what is a good and a bad implementation of the “remember me” function and so on. Something has to be done to improve the security of all those start-up websites coming online by the thousand every day. Even old companies, like LinkedIn and Citibank, get hacked because they do not do it right. The help on security must be provided somehow, somewhere.

Isn’t there such a place already?…
