Larry Seltzer

Security is security, but business is business I guess. It wasnt worth it to Microsoft to stick to its positions on PatchGuard and the Windows Security Center. The details arent in yet, but based on Microsofts vague initial statements it appears that the company has essentially acceded to Symantecs position on PatchGuard and is trying […]

Every time a new version of Windows comes out we dance the same dance about adoption rates. Microsoft promises large benefits to its enterprise customers. ISVs gear up support. Advocates for alternative operating systems talk about how this will be the version that gives them their foot in the door. With Vista its basically the […]

Everybody complains about phishing, but how many of us actually do something about it? Now everyone can. PhishTank, a new service from the OpenDNS folks, is an open and public phishing database. It finds itself up against several large and wealthy commercial products and services. PhishTank may prove to be a quixotic endeavor, but someones […]

Its not easy being Microsoft. Not that you should feel sorry for the company, at least not usually. But it is often put in impossible positions, as McAfee and Symantec are doing now. The two companies are arguing, mostly in European papers in order to influence antitrust policy in the European Union, that security design […]

Has the malware problem gotten out of control? An aggressive test of anti-virus products indicates that it has, at least by some measures. Its a tough call. I worry less and less personally about malware, even though Im barraged by it day and night. Ive got a gateway security device that scans for it with […]

I must say Im surprised at the flood of mail I got from my last column, which suggested that ISPs get more aggressive about security. Ill be following it up after I do some more research, but something a vendor said to me recently was both interesting and related. The vendors argument was that consumer […]

The role of ISPs in security is one of the great neglected topics in our industry, and one of my favorite subjects back to the time before I started focusing on security. Back, I believe, in 1999, I wrote an article predicting (because it made perfect sense) that the future of security for consumers was […]

In August 2004 an innovative phishing attack was launched, not against the usual targets of PayPal and large banks, but against the Kerry for President campaign. The campaign fought back against it, also in an innovative way. Typical of phishing attacks, the e-mail and Web site linked directly to images on the Kerry campaign site […]

Its hardly surprising that privacy and security advocates have raised concerns ever since the State Department announced that passports would soon include RFID technology. Some people are ready to oppose anything the government does. But they have a point. These passports, which the government began distributing in August, contain an RFID chip which transmits all […]

Why would a company need to point out that its philosophy is anti-evil? Google seems to be overcompensating in this statement, especially in as much as its given definition of non-evilness amounts to providing relevant advertising on a Web page. That sounds like “competence” to me. A more relevant question regarding “evil” would be about […]