Larry Seltzer

Governments seem determined to adopt RFID in identity documents and to view it as a security device. Privacy advocates seem determined to oppose them in all cases. I think this stuff is complicated. Now the state of Washington has come up with a plan for a voluntary pilot project of drivers licenses that integrate many […]

Theres nothing like a big, fat scandal to kick obstinate authorities into gear, pursuing the goals they always speak highly—if vaguely—about. This weeks ICANN meeting in Lisbon (do they ever meet in the United States?) presents an opportunity for the organization to have some talking points ready when things get really ugly on April 1. […]

Ive been writing for years on the problems for ordinary consumers in the domain name market. They have been the victims of thieves and unethical domain registration companies and the agency of supposed authority in this space, ICANN (Internet Corporation for Assigned Names and Numbers), has generally denied that it has a place in putting […]

Its tempting for most people to be attracted to specific security gimmicks like UAC (User Access Control) when judging how secure a product like Windows Vista is, but thats not what Microsoft people talk about. When you talk to Microsoft technical people (or read their blogs), they talk incessantly about the SDL or Security Development […]

The compromise of the WordPress 2.1.1 distribution code on its own servers got me thinking about the weaknesses of code distribution security as a general matter. The subject didnt originate with this attack, although it is a stirring reminder of how serious it can be. On most platforms a distribution file is accompanied by a […]

Every time Microsoft releases “the most secure version of Windows yet,” as they all have been so far, they set themselves up to look like suckers when the problems roll in. And of course theyre going to. Almost as common as Microsofts explanations about how much more secure Vista would be than earlier versions of […]

Sometimes standing up for individual rights is not just a matter of principle, its common sense. The prosecution of former Orange County, Calif., Superior Court Judge Ronald C. Kline for child pornography is a case that stands out in this respect, and for reasons which have a lot to do with computer security. Kline had […]

They dont moan about it in public much, but several Microsoft employees have complained to me that most of the bad experiences users have with new Windows computers comes from the dreadful software that OEMs preinstall on those computers. Large businesses dont generally put up with it. They dont take the preloaded media players and […]

If you havent used OpenID yet you probably will soon. This new open standard for identity exchange on the Internet is picking up support from all over the place, and appears unstoppable in the blogosphere. AOL is the latest large company to announce support for OpenID, and its a smart move for them, making your […]

Adobe Acrobat software lets parameters be passed to the software when a PDF file is opened. Generally speaking, this is helpful. But because this capability includes opening a PDF from a Web site using a browser, and Web pages can execute scripts, Acrobat can be used to launch malware. For example, parameters may be passed […]