Larry Seltzer

Ive seen it coming for a while now. The second Tuesday of the month may be Microsoft patch day, but its evolved into Industry Patch Day. This is one of those instances, and they happen more often than youd think, where Microsoft sets the tone for the rest of industry. They didnt invent the security […]

Tuesdays E-Mail Authentication Summit in Times Square was a reminder that work continues in this important effort. The basic idea of it was to give those who run mail servers a kick and urge them to adopt one or more authentication standards. If you looked past the cheerleading, though, you see how far we have […]

Im still waiting for the explanation that makes it all make sense, but it doesnt look good. I have the nasty feeling Microsoft was disappointed with its good-guy/good-technology approach to anti-spyware. The security business is not like most of the software categories in which Microsoft participates. People care about reputations. Users have to trust the […]

Of the many discouraging aspects of computer security, one of the worst is that offenders are rarely punished at all, let alone seriously. I have to think another disappointment in this regard is imminent. I refer to the case of Sven Jaschan, who last year was ratted out for money by a friend. Jaschan had […]

The Internet began as an experiment: Did it succeed? Obviously, in many ways it did, but it also failed in important ways. So what do we do about that? Ive thought in the past about the idea of starting all over with the Internet, although I was thinking most of SMTP, rather than the whole […]

Its a recurring theme on security discussion lists: Someone ought to build a worm that infects insecure systems and remedies the problems on them. Every six months or so someone thinks theyre the first one to think of it. So in case any of you think its a good idea, please stop wasting your time. […]

“Were from the government and were here to help you” is a very old and sad joke, but theres a lot of truth to it. Municipal governments, especially in big cities, have a tragic history of policies with unintended consequences for their constituents and others. The movement to have local governments provide wireless Internet access […]

Over the years Ive tried to get better at my use of passwords, especially since Im supposed to tell other people how to manage security. I have to confess: Im not where I want to be, and I bet you arent either. Do you use complex passwords for all of your logins where confidential information […]

Microsoft released a diverse and scary batch of vulnerability announcements and patches for them today. After actually reading the bulletins, I concluded that most of the vulnerabilities arent really that scary, but two caught my eye, and one of them in particular. The two bugs in this bunch that will cause the most real-world problems […]

I was as disturbed as the next guy to see our story about how Google ads are indirectly financing adware campaigns. Disturbed, but not entirely surprised. I had already come across another unsavory use of Googles AdSense program. Its not quite in the same league with malware distribution, but its a problem nonetheless. Have you […]