xBlog: The visual thinking weblog
16th April 2008

Luxury Type

“I’d like to encourage designers to open their mind and consider using some of the other typefaces that are often pre-installed on computers these days. There really are some great choices that are being completely ignored. Granted, not every user is going to have them, but those who do will get an enhanced experience, and those who don’t will be just fine, so long as you specify appropriate alternates (as in MOSe).

Let us compile a list of useable typefaces that we can count on being installed at least some of the time — as well as good alternates for them that are more reliable. Here’s a few I came up with. I think you’ll notice that there are not only some great faces here, but even some that are considered classics or essentials.”

posted in Security/Privacy, Typography, Web design | Permalink | Comments Off

24th February 2006

Things you don’t want Google to find

“”Hacking Google’ isn’t exactly new. That is, using the search engine to look for confidential information. But as McAfee’s senior vice president for Risk Management George Kurtz demonstrated today at RSA conference, that didn’t prevent users and organisations to post those goodies online for anyone to find. ‘You almost get bored finding all these password files. It used to be fun in the old days when you found a password file. Now you just go to Google and find thousands of them,’ Kurtz said.”

posted in Security/Privacy | Permalink | Comments Off

5th December 2005

Concrete steps to protect yourself online

“One area where we ‘geeks’ in the culture are not doing a very good job lately, is in providing concrete advice to our friends and family about how to protect themselves online. Viruses, spyware and security breaches at large institutes make big news, but really the greater risks are from our own actions and practices online. In particular in exposing ourselves to identity theft and other crimes that are occurring on a smaller scale every day.”

posted in Security/Privacy | Permalink | Comments Off

3rd May 2004

Crypto Law Survey

“This is a survey of existing and proposed laws and regulations on cryptography ó systems used for protecting information against unauthorized access. Governments have long restricted export of cryptography for fear that their intelligence activities are hampered by the crypto use of foreign states and scoundrels. Since the rise of crypto use over the past decades, governments increasingly worry about criminals using cryptography to thwart law enforcement. Thus, many countries are considering laws focusing on maintaining law-enforcement and national-security capabilities through regulation of cryptography.”

posted in Security/Privacy | Permalink | Comments Off

2nd March 2004

Computer Security Archives Project

“Computer security as a discipline was first studied in the early 1970s, although the issues had influenced the development of many earlier systems such as the Atlas system and Multics. Unfortunately, many of the early seminal papers are often overlooked as developers (and sometimes researchers) rediscover problems and solutions, leading to wasted time and development effort.”

posted in Security/Privacy | Permalink | Comments Off

3rd December 2003

Verisign Seal

“On November 4, 2003, VeriSign announced a new ‘trust enhancing’ seal which they built using Macromedia’s Flash technology. This new seal makes a connection to their server and displays, in a dynamic text field, the name of the company that bought the certificate. The seal then invites you to click the seal to verify it. This is intended to make people feel more secure about the authenticity of the site they’re visiting. But that is a false sense of trust. The purpose of this page is to demonstrate how poorly designed and implemented VeriSign’s approach really is.”

posted in Security/Privacy | Permalink | Comments Off

26th February 2003

Google as Big Brother

“…For all searches they record the cookie ID, your Internet IP address, the time and date, your search terms, and your browser configuration. Increasingly, Google is customizing results based on your IP number…”

posted in Security/Privacy | Permalink | Comments Off

4th November 2002

Password Usability and Typability

“There is a tension between usability and security. Nowhere is that more obvious than with passwords. System administrators want their users to use passwords like ‘WeRQ#$^zfbr’ and users want to use ‘bob.’ I believe it’s possible to find a reasonable compromise between both.”

posted in Security/Privacy | Permalink | Comments Off

16th July 2002

Secure Password Generator

“The WinGuides.com password generator allows you to create random passwords that are highly secure and extremely difficult to crack or guess due to an optional combination of lower and upper case letters, numbers and punctuation symbols.”

posted in Security/Privacy | Permalink | Comments Off

2nd July 2002

TCPA / Palladium Frequently Asked Questions

“What are TCPA and Palladium? TCPA stands for the Trusted Computing Platform Alliance (TCPA), an initiative led by Intel. Their website is here. Their stated goal is ‘a new computing platform for the next century that will provide for improved trust in the PC platform.’ Palladium appears to be a Microsoft version which will be rolled out in future versions of Windows, will build on TCPA hardware, and will add some extra features.”

posted in Security/Privacy | Permalink | Comments Off

2nd July 2002

TCPA / Palladium Frequently Asked Questions

“What are TCPA and Palladium? TCPA stands for the Trusted Computing Platform Alliance (TCPA), an initiative led by Intel. Their website is here. Their stated goal is ‘a new computing platform for the next century that will provide for improved trust in the PC platform.’ Palladium appears to be a Microsoft version which will be rolled out in future versions of Windows, will build on TCPA hardware, and will add some extra features.”

posted in Security/Privacy | Permalink | Comments Off

1st October 2001

Security Bibliography

“Computer security is in the spotlight more than ever since the September 11 terrorist attacks. To help you find the best resources to protect your systems, we’ve pulled together this list of the best security books by O’Reilly and other publishers.”

posted in Security/Privacy | Permalink | Comments Off

3rd July 2001

Microsoft Does Not Understand Security

“On Thursday, June 28th, 2001, I was invited to attend a multi-way telephone conference with seven of Microsoft’s top Windows XP executives and developers. I was not told beforehand about the conference’s goal, but since only one person would have been required to tell me that Microsoft had changed its mind about XP’s inclusion of full raw socket support, I presumed that their top guys had been assembled with the purpose of convincing me that I was wrong. As the meeting got underway it was soon clear that this was the case.”

posted in Security/Privacy | Permalink | Comments Off

8th June 2001

The Attacks on GRC.COM

“Nothing more than the whim of a 13-year old hacker is required to knock any user, site, or server right off the Internet. I believe you will be as fascinated and concerned as I am by the findings of my post-attack forensic analysis, and the results of my subsequent infiltration into the networks and technologies being used by some of the Internet’s most active hackers.”

posted in Security/Privacy | Permalink | Comments Off

23rd May 2001

My Privacy Policy

“By choosing to interact with me, you agree to accept these practices. I know that you, having just met me a few minutes ago, are concerned about how personal information about you will be gathered and used by me. As a respected provider of interpersonal content, I am committed to protecting your privacy. I have just handed you this notice describing my privacy policy. By continuing to interact with me, you agree to accept the practices described below.”

posted in Security/Privacy | Permalink | Comments Off