unmitigatedrisk.com - Information Security

Information Security

Did you know you can disable the use of USB storage devices in Windows?

posted @ Thursday, November 13, 2008 2:28 AM | Feedback (0)

How to tell if a volume is Bitlocker protected with TPM and PIN

posted @ Wednesday, November 12, 2008 2:47 AM | Feedback (1)

What I have been up to for the last year...

posted @ Friday, November 07, 2008 4:47 PM | Feedback (0)

Hah, this reminds me of some usability tests I have seen...

posted @ Saturday, June 21, 2008 11:06 PM | Feedback (0)

Cem has a interesting post on LifeLock

posted @ Wednesday, June 18, 2008 10:58 PM | Feedback (2)

Did you ever wonder who contributes to Internet standards?

posted @ Wednesday, June 18, 2008 10:25 PM | Feedback (0)

MSNBC publishes 10 worst jobs in science...

posted @ Thursday, May 29, 2008 2:56 PM | Feedback (0)

OK, I admit it, I am twisted...

posted @ Saturday, March 22, 2008 5:22 PM | Feedback (0)

RFC 5216 is published!

posted @ Saturday, March 22, 2008 11:33 AM | Feedback (0)

Book: The New School of Information Security

posted @ Sunday, March 09, 2008 2:35 PM | Feedback (0)

Cool paper on measuring identity theft...

posted @ Wednesday, March 05, 2008 8:02 PM | Feedback (2)

Thank goodness, finally a security silver bullet...

posted @ Thursday, January 10, 2008 7:04 PM | Feedback (0)

Book: Windows Server 2008 PKI and Certificate Security

posted @ Thursday, January 10, 2008 7:59 AM | Feedback (0)

Book: Windows Server 2008 Networking and NAP

posted @ Wednesday, January 09, 2008 1:51 PM | Feedback (0)

Good post on stupid TLS practices...

posted @ Tuesday, December 18, 2007 9:08 PM | Feedback (0)

SCVP is done? OMG...

posted @ Friday, December 07, 2007 3:16 PM | Feedback (0)

Back from Cartes, had a great time…

posted @ Monday, December 03, 2007 5:07 PM | Feedback (2)

Started a new job this week...

posted @ Saturday, November 10, 2007 12:37 PM | Feedback (1)

Read several interesting threads and articles this weekend...

posted @ Saturday, October 20, 2007 9:16 PM | Feedback (0)

What is Server Gated Cryptography?

posted @ Sunday, September 30, 2007 8:24 PM | Feedback (0)

What a wonderful idea, a NAS in a Fireproof safe...

posted @ Sunday, September 30, 2007 2:22 PM | Feedback (2)

I have been subpoenaed as an expert in a class action lawsuit...

posted @ Sunday, September 30, 2007 12:20 PM | Feedback (0)

LW OCSP is DONE!

posted @ Tuesday, September 25, 2007 10:14 AM | Feedback (0)

Security theater gone wild…

posted @ Friday, September 21, 2007 2:54 PM | Feedback (1)

Death match: Kerberos vs. PKI

posted @ Thursday, September 20, 2007 12:15 PM | Feedback (0)

Greenfield technologies…

posted @ Thursday, September 20, 2007 12:02 PM | Feedback (0)

Dear PKI, get over yourself...

posted @ Thursday, September 13, 2007 5:30 PM | Feedback (0)

FKA-TLS it’s just a good idea….

posted @ Wednesday, September 12, 2007 3:41 PM | Feedback (0)

Time to regulate subdermal rfid?

posted @ Sunday, September 09, 2007 8:02 PM | Feedback (0)

Network World: Microsoft is honest and brilliant with NAC...

posted @ Friday, August 31, 2007 3:11 PM | Feedback (0)

More work on reputation systems, this time focused on Wikipedia

posted @ Friday, August 31, 2007 7:53 AM | Feedback (0)

Microsoft's Anti-Virus Now "up-to-snuff" on signatures...

posted @ Thursday, August 30, 2007 9:59 AM | Feedback (0)

Good post on clearing IEs SSL cache from JSCRIPT

posted @ Tuesday, August 28, 2007 1:48 PM | Feedback (0)

Want to see what it is I do?

posted @ Wednesday, August 22, 2007 5:20 PM | Feedback (1)

I told you they are after me!

posted @ Tuesday, August 21, 2007 4:54 PM | Feedback (0)

Interesting read: "Thoughts on the Social Graph"

posted @ Monday, August 20, 2007 9:05 AM | Feedback (1)

So you want to integrate with the Windows Cryptographic and Certificates Frameworks?

posted @ Sunday, August 19, 2007 10:38 AM | Feedback (0)

Interesting article on Identity Theft ring bust..

posted @ Saturday, August 18, 2007 5:01 PM | Feedback (0)

A review of the IronKey USB Smartcard + Flash Drive + Anonymizer

posted @ Saturday, August 18, 2007 3:05 PM | Feedback (9)

Reputation systems gone wild....

posted @ Friday, August 17, 2007 8:09 PM | Feedback (0)

What is a wildcard certificate and why are they a bad idea?

posted @ Friday, August 17, 2007 5:27 PM | Feedback (0)

Interesting article on Piracy worth reading...

posted @ Thursday, August 16, 2007 4:18 PM | Feedback (0)

How to protect yourself from (financialy related) identity theft...

posted @ Monday, August 13, 2007 3:52 PM | Feedback (3)

Interesting article on the antifraud features/policies of credit cards

posted @ Monday, August 06, 2007 3:02 PM | Feedback (0)

TPMs are broken, and more FUD from the trenches….

posted @ Tuesday, July 17, 2007 10:40 AM | Feedback (0)

Only the last four digits are shown to help prevent identity theft…

posted @ Saturday, July 07, 2007 10:50 AM | Feedback (0)

Were spying on you, NOT!

posted @ Monday, July 02, 2007 9:50 AM | Feedback (0)

rfc2716bis-11 has been published

posted @ Thursday, June 28, 2007 12:37 AM | Feedback (0)

LW OCSP Finally in IESG Last call!

posted @ Wednesday, June 27, 2007 4:52 AM | Feedback (0)

Why self signed certificates are not a sin.

posted @ Wednesday, May 30, 2007 10:34 AM | Feedback (0)

N+I Vegas re-cap

posted @ Friday, May 25, 2007 9:11 AM | Feedback (1)

N+I Vegas here I come...

posted @ Monday, May 21, 2007 4:50 AM | Feedback (0)

802.1x NAP is getting more good press....

posted @ Tuesday, May 15, 2007 4:24 PM | Feedback (0)

Great article on HIPs (even if a bit dated)

posted @ Saturday, April 07, 2007 6:48 PM | Feedback (0)

I wish I had thought of this...

posted @ Thursday, April 05, 2007 2:33 PM | Feedback (0)

Asking the drunk if they are drunk

posted @ Thursday, April 05, 2007 1:49 PM | Feedback (3)

Recycling Electrons: Dan Greer once said I was a good security person.

posted @ Thursday, March 22, 2007 12:33 AM | Feedback (0)

Symantec said waaa?

posted @ Wednesday, March 21, 2007 11:58 PM | Feedback (0)

Can you sell strong authentication in the retail channel?

posted @ Tuesday, March 20, 2007 9:05 PM | Feedback (0)

A chicken in every pot and a CA on every DC

posted @ Tuesday, March 20, 2007 10:45 AM | Feedback (0)

Why MAC addresses do not belong in certificates

posted @ Monday, March 19, 2007 4:20 PM | Feedback (2)

Lightweight OCSP Profile now standards track and in IETF WG last call.

posted @ Monday, March 12, 2007 9:13 PM | Feedback (0)

Logout a mutually authenticated TLS session in ECMAScript?

posted @ Monday, March 12, 2007 8:02 PM | Feedback (0)

Trusted Computing Group, here I come...

posted @ Monday, November 13, 2006 12:55 PM | Feedback (0)

Why has this just not happened yet?

posted @ Thursday, November 09, 2006 11:43 AM | Feedback (0)

Logo's, Logo's Everywhere!

posted @ Wednesday, November 08, 2006 4:10 PM | Feedback (0)

IETF 67 - San Deigo

posted @ Saturday, November 04, 2006 9:57 AM | Feedback (0)

30 Years Of Public Key Cryptography...

posted @ Saturday, October 28, 2006 9:07 PM | Feedback (0)

Things I have worked directly with at Microsoft

posted @ Tuesday, October 24, 2006 11:24 PM | Feedback (0)

Understanding Server Gated Cryptography

posted @ Saturday, October 21, 2006 9:00 PM | Feedback (1)

Lightweight OCSP Profile for High Volume Environments

posted @ Saturday, October 21, 2006 8:46 PM | Feedback (0)