Stories by Winn Schwartau

Defending against global information war

The recent attack on the Internet's root servers was more than just a few hackers having fits and giggles with the DNS. In fact, the incident could be the first volley in global information warfare between the private sector of the United States and the government of China.

Another case of security by denial

Large consultancies are paid a lot of money to provide companies with information to help them run their businesses. But sometimes the statements issuing forth from these consultancies has me questioning their value to users.

DefCon - All in good fun

There are no rules at DefCon, the world's largest computer hacker convention. Earlier last month, about 5,000 folks - including network and security folks of every ilk - attended the show, held annually at the Alexis-Park Hotel in Las Vegas.

Applying the Two-Man Rule to Network Security

The U.S. military does not trust a single man to launch a nuclear missile. There is a process, and as we saw in the Denzel Washington submarine thriller "Crimson Tide," communications are essential to proper decision making. It takes a concurrence among several people to ensure that the order to launch the nuke is authentic. In the silo, two soldiers each have to turn a key at the same time to get the launch sequence going. The keys are physically separated so no one person can create nuclear chaos. This "two-man rule" is also applicable to network security.

Security Hiring Practices Need to Come of Age

Last month I attended and spoke at two hacker conventions: Hope2K (H2K), put on by 2600 Magazine in New York, and DefCon in Las Vegas. My conclusion, after having attended these and dozens of other hacker events in the past 15 years, is that hacking has come of age. But have corporate hiring practices come of age, too?

An Effective Way to Disarm Online Muggers

My first mugging was at age 12. I was the muggee, not the mugger. Over the years living in New York, I was held up at knifepoint several times, handed over my wallet and then watched the bad guy scamper away.

Safe Passage: Digital Receipts Ensure Confirmation

New York, Friday, 2:15 p.m. Network Financial Global has spent four intense months putting together a multibillion-dollar deal. The merger and acquisition lawyers say that the contracts absolutely must be signed before 5 p.m. In addition, the banks must be given full legal authorization to move $450 million in cash, and the clearinghouse must be duly instructed to hand over $4.2 billion in stock to the partners in the deal. If the companies blow this deadline, a $125 million penalty kicks in.

Wipe Out Web Graffiti by Going Back to Basics

It totally baffles me that more people haven't returned to the basics to solve a fairly elementary information security problem: Web graffiti and illicit data modification. The basics of information security consist of a simple triad: