Kim Cameron on GOOGs single sign on design vulnerability

I spoke with Kim Cameron a few days ago about Google’s single sign-on (SSO) design bug. I wanted his take on the bug because he’s one of the best in the area of identity, single sign-on etc etc… his response can only be described as scathing.


Privacy Tip o’ the Day

I’m stunned at how much private data the average citizen will divulge. I was buying some stuff yesterday, and the clerk at the checkout asked the customer in front of me for her phone #, which she was quite happy to give. Next, I was signing up for gym membership, and the guy in front…


SDL book is shipping!

I have in my paws a copy of the Security Development Lifecycle book… 🙂 And I am told boxes of books are on the way to warehouses right now! It’s always great to see the physical bits!


Finally, a book on Privacy for Developers

My good friend J.C. Cannon has written the book on Privacy aimed squarely at developers, as well as IT folks. While I, and many others, focus on security, J.C. and his team address privacy issues. I think most people consider the two disciplines kinda the same, they are quite different, and I would urge you…


Windows XP SP2 Privacy Statements Released

The Windows Privacy Statement highlights 27 components that have historically been of interest to privacy advocates and customers, and the 6 page IE Privacy Statement highlights some of the new IE features including “Pop up Blocker”, “Untrusted Publishers”, and “Managed Add-ons”.   The statements, along with new Group Policy privacy controls are available at the links…