Larry Seltzer

Call me naive. I was surprised to read that sponsored links on search engines are far more likely than conventional “organic” links to lead to hostile sites. The study, by researcher and activist Ben Edelman and the McAfee SiteAdvisor team, found that 8.5 percent overall of sponsored links on Google, Yahoo, Microsofts MSN, AOL and […]

Theres no question that the user-oriented permission model has problems. Its an attempt at a simple facade on top of a complex set of issues. If mainstream operating systems are still “stuck” with it, its because the alternatives are, to put it kindly, underdeveloped at this point. A fascinating analysis of “trusted” operating systems by […]

Every new version of Windows brings with it fears about which software aftermarket will get steamrolled by a new Windows feature. The big questions with Vista are about security, and there are some fair ones to be sure. Some people assume that once Microsoft includes a feature in Windows its curtains for anyone trying to […]

I have an ongoing interest in products for small businesses, which I think have generally been shafted by the software industry over the years. Small-business owners are often forced to choose between products designed for lone consumers and those designed for massive enterprises. Security has been a great example of this phenomenon, but in some […]

The Watch Theres another zero-day attack on Internet Explorer. There are conflicting claims about how serious it is, but read about how serious it could be in the Zero-Day IE Attack section. Everyones got their own names for malware attacks, but AV-Test keeps track of them all. Get a cross-reference list of names for attacks […]

To those who grew up in the electronic age, notarization of documents has the odor of antiquity and obsolescence. It is an ancient practice, but ironically it serves purposes directly analogous to many of high priority for modern electronic documents. And now modern security techniques are bringing notarization to the electronic realm, to the benefit […]

Its a free country. Youre allowed to say all kinds of distasteful and offensive things, especially when youre telling the truth. And youre allowed to disclose security vulnerabilities in IT products. But theres still a right way and a wrong way to do it. Michal Zalewski has problems with Microsoft. He thinks Microsoft doesnt cooperate […]

When you look to the software that really matters to users, especially on their home PCs, security would be on the short list for most. As my Jim Rapoza has recently contemplated, open source has been a disappointment in this area. Jims analysis falls right in line with Eric Raymonds theory of open-source itch-scratching: in […]

Just when Im done dismissing the potential for e-mail authentication to become an effective standard, evidence is presented to the contrary. The E-mail Authentication Summit on April 19 wasnt even the highest-profile event at the hotel where it took place (Secretary of State Condoleezza Rice spoke to the Chicago Council on Foreign Relations there the […]

This weeks E-mail Authentication Summit in Chicago on April 19 reminds me of the Internet communitys failure to agree on an authentication standard. Efforts such as this meeting notwithstanding, the whole authentication movement has been a flop, and thats a shame. Nothing would have made a bigger dent in malware, spam and phishing than a […]