One-Minute Security Program Health Check

In an ER when a new patient presents, doctors need to quickly assess the patient’s health and determine what needs to be done. Their survey checklist of mental state, airway, breathing, and circulation is intended to ensure that the most critical issues are identified and treated first, and that vital functions are not neglected. If …

D.I.O.R. – A model for Information Security Organizations

Establishing an effective security organization is always a challenge. Clearly defined responsibilities and scope of authority for security organizations vary widely across different companies and industries. To help address this challenge, I have developed the following model organizational framework for the information security function. As a model, this should be considered a starting point for …

Taking control of your photo privacy

While Apple still (as of this post) looks to abandon its position as a privacy leader, with their introduction of a backdoor on all Apple devices, it is time to discuss alternatives to Apple’s products. Note, I don’t mean the iOS and macOS operating systems, as Android and Windows are even worse when it comes …

It’s the Principle of the Thing…

“We at Apple believe that privacy is a fundamental human right,” Apple’s CEO, Tim Cook. I’m sorry Apple, but you have violated my trust, perhaps permanently, and it’s time for us, if not to break up, to at least start living more separate lives. Despite your advertising and messaging that privacy is a right and …

Another Router Bites the Dust

Another day, another long-term, critical, and likely unpatchable flaw in consumer and business routers is exposed. See https://www.cpomagazine.com/cyber-security/12-year-old-router-vulnerability-discovered-affecting-millions-of-devices-exposing-serious-supply-chain-risks/. As I have said repeatedly, the software in most consumer routers is crap, and this is being generous. Not only is it crap to begin with, even when critical flaws are discovered and exposed it can …

There are no good “backdoors”

A backdoor is a backdoor, regardless of how noble the intent behind it is. This analysis, by the experts at the Electronic Frontier Foundation, dives into the details of Apple’s recent announcement regarding the scanning of iMessages and iPhotos. This is the very definition of the slippery slope. Once a capability is implemented that erodes …

Digital Privacy Starts at Home

With the rapid degradation in privacy rights as demonstrated by Apple’s change to scan iPhoto uploads for child porn (and whatever else governments that are supplying the matching hashes want to be identified), I will now be using the Heuristic Security Blog to discuss relevant security/privacy issues and provide information on how people can protect …