You're only as secure as your weakest link. That bit of wisdom has hit home for Apple Pay of late. Fraudsters have wasted no time finding and exploiting the mobile payment system's weak link to their advantage.
Stories by Kenneth van Wyk
Though she may have broken no laws, Hillary Clinton acted irresponsibly in using a personal email account to conduct official U.S. government business in her capacity as secretary of State.
Several electronic and mobile payment options have become available, but most of us in the U.S. are still using plain-vanilla credit and debit cards with magnetic stripes. They use technology that dates to the first Nixon administration. That's not a problem in itself; I have no problem with time-tested security measures that work effectively. But just look around: Data breaches are everywhere, and those magnetic-stripe cards are often implicated.
Is the dawn of the age of ubiquitous e-payments finally here? Can we throw away our credit cards yet?
Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.
Kenneth van Wyk: If you want developers to give a hoot about security, take a lesson from the squirrels
The problem with all too many software developers, from a security professional's point of view, is they lack a healthy sense of mistrust.
We can do things now to make things a little easier should we face another widespread security defect in code like OpenSSL.
It's disturbing that Apple would release an essential fix for iOS while ignoring the exact same problem in OS X.
Restoring trust in our information systems after Edward Snowden's NSA revelations will take years -- if it can be done at all.
There's no good reason for the U.S. to be so far behind in adopting EMV.
International travel can require some pretty strong security measures if your devices contain sensitive information.
Much has been written already about the new iPhones and the iOS 7 operating system. Some people are underwhelmed by the OS ("Apple is just stealing ideas from Android now!") and disappointed by the iPhone 5C ("Apple still isn't making cheap phones!"). For us security geeks, though, the big news is in the iPhone 5S's fingerprint scanner. It has also drawn its share of negative reactions, with privacy folks screaming bloody murder ("Big Brother is here!"). I am not insensitive to privacy concerns, but
Internet communications are prey to surveillance, but you can better shield them.
Bug bounty programs are probably very cost-effective for software vendors, but they reward bad behavior.
Deciding on the level of encryption you should be using requires careful consideration.