Handing laptops to friends

Slashdot has a request for information from an art student who wants to know how to let other people briefly use their laptop while still protecting the laptop from infection and the data from snooping. After glancing at the Slashdot comments, the answers can be roughly grouped into these categories.

  • Set up a guest account and use quick user switching. This solution works on both Windows and Linux.
  • Use VMware or equivalent software. Start the virtual machine and run anything questionable in it, including other people’s logins.
  • Say “NO.” Don’t ever loan out your laptop; it’s yours, not theirs, and lending it is an unnecessary risk from the point of view of physical and data damage.

How to keep secure passwords in your pocket

Security Focus has an interesting blog post on writing down passwords. The recommendation is that you select a four-character common “pin” which you memorize. For each site you then select a complex, completely random, unique six-character password and write it down on a paper in your wallet. The password for each site is generated by appending your memorized pin to the password written in your wallet to create a secure ten-character password. The idea is that you are now using a different password for each site without the extra cognitive load of memorizing a large number of long passwords. You are also not writing down complete passwords, so someone stealing your wallet will not have your complete passwords.

I think this is an interesting idea and would be interested in any known research on its effectiveness and usability in practice.
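The scheme described above, sketched as an added example (not code from the Security Focus post or from this blog): it generates the six-character written parts, assembles the ten-character password, and estimates how many bits an attacker still has to guess when the wallet is stolen or when one site's password leaks. The alphabets and function names are assumptions, and the PIN figure is an upper bound because a memorized PIN is rarely uniformly random.

```python
import math
import secrets
import string

# Assumed alphabets (the post does not specify them): printable ASCII without
# whitespace for the written part, lowercase letters and digits for the PIN.
WRITTEN_ALPHABET = string.ascii_letters + string.digits + string.punctuation
PIN_ALPHABET = string.ascii_lowercase + string.digits
WRITTEN_LEN, PIN_LEN = 6, 4


def new_written_part() -> str:
    """Random six-character per-site string to write on the wallet card."""
    return "".join(secrets.choice(WRITTEN_ALPHABET) for _ in range(WRITTEN_LEN))


def make_card(sites):
    """Map each site to its own independently generated written part."""
    return {site: new_written_part() for site in sites}


def full_password(card, site, pin):
    """Password typed at the site: written part with the PIN appended."""
    if len(pin) != PIN_LEN:
        raise ValueError("PIN must be four characters")
    return card[site] + pin


def bits(alphabet_size, length):
    """Entropy in bits of a uniformly random string over the alphabet."""
    return length * math.log2(alphabet_size)


def exposure():
    """Bits an attacker still has to guess in three situations."""
    written = bits(len(WRITTEN_ALPHABET), WRITTEN_LEN)
    pin = bits(len(PIN_ALPHABET), PIN_LEN)
    return {
        "nothing_known": round(written + pin, 1),
        "wallet_stolen": round(pin, 1),        # card read, PIN unknown
        "one_site_leaked": round(written, 1),  # shared PIN exposed, card unknown
    }
```

The numbers show where the scheme is thin: a stolen wallet leaves only the PIN to guess, and a plaintext leak at one site exposes the PIN shared by every other site.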

Don’t program on Fridays

I just found an interesting paper on the number of bugs programmers create and fix at different points during the week. The author’s conclusion is that changes to code which result in a bug are most often made on Fridays, so don’t code on Friday.

US Government site on writing in plain language

The US government has a web site on using plain language, both within the government and for your own organization or group.

Playing at creating new domains

Finally got around to registering kamivaniea.com. Hopefully when I get some time I’ll put up a decent web page here. For now though, my official home page is http://www.cs.cmu.edu/~kami/.

Nice sorting algorithm animation

Shows several different sorting algorithms and how they sort several different types of data sets.

http://www.sorting-algorithms.com/

Update:

Ever wondered what sorting algorithms sound like? These YouTube videos show you what different sorting algorithms sound like.

Or if you like your sorting algorithms shown to you via Hungarian folk dance.

Security glitch on Facebook gives out administrative access

Facebook appears to have given out administrative rights to several major pages such as Microsoft and Star Wars to at least one Facebook user who is not affiliated with the companies.

Government employees viewing passport records

Several government employees have been charged with accessing passport files without an official reason. One of the employees cited the reason as “idle curiosity.”

Physical and file system access-control merging?

I was trolling through my daily news feed when I ran across this article on SecureIDNews. It’s about a company which is marketing a card which controls access to both physical spaces and computers. I found this an interesting article since my research focuses on ethnographic studies of both physical and logical access-control administration. As a researcher, I continuously get criticism from the computer security community that physical access control is a solved problem that has nothing to do with them. I’m glad to see someone interested in merging control of the two systems and am interested in how the merger will go.

Collection of articles on security metrics

The metrics center has a nice collection of articles on security metrics and data anonymization.

http://www.metricscenter.org/index.php/resourcesmain/articles
