Just wanted to let everyone know about another blog I’m involved in: I recently helped Accenture (where I now work) launch a Security Blog.
Accenture has been involved in some of the largest and most complex security deployments of our time. So I believe the blog will be a great opportunity for senior people at Accenture [...]

In reviewing my last several posts, I was beginning to wonder whether I’m cynical by nature or simply running low on happy pills. But then I found something really positive to write about: Microsoft announced at RSA that it would open source its U-Prove technology. This is really good news.
I hope the development community takes [...]

The word “trust” appears 32 times in the press release announcing the official launch of the Open Identity Exchange (OIX). Normally, I’d be enthusiastic about such dense coverage of a critical topic, but in this case I question the group’s understanding of the term.
A Governance Template, Not a Trust Framework
OIX is a kind of standards [...]

Interesting tidbit in the NYT yesterday about how developers can use public information to get the remaining 5 numbers of your SSN:
The Carnegie Mellon researchers used publicly available information from many sources, including profiles on social networks, to narrow their search for two pieces of data crucial to identifying people — birthdates and city or [...]

Imagine a friend invites you to a dinner party. This year, the invitation goes, the party will be catered so you’ll need to pay $40 per guest. Maybe you’re not too excited about the catering idea, but you figure you want to support your friend, so you decide to attend and bring your spouse. At [...]

Anyone who read Frank Partnoy’s book F.I.A.S.C.O will immediately appreciate the context of this story: The NYT reported today how Wall St. banks Goldman Sachs and JP Morgan assisted the Greek government in hiding hundreds of billions of dollars in debt, while collecting over $300 million in fees for themselves. According to the Times:
Wall Street [...]

There was a lot of discussion yesterday about the court battle over government access to geolocation data for cell phones. This conjures up all the jokes about how it’s easier to find cows in Canada than to find illegal aliens in the US. The irony is that in the US, people pay for—and pay taxes [...]

Politico reported last week that 49 congressional web sites were hacked, which only became apparent just after the State of the Union Address last week. Web sites displayed simple hacker-speak web pages and many of the sites were completely unavailable for hours.
This should be great fodder for the Black Hat folks meeting in DC (actually [...]

Paul Krugman posted an interesting piece in the NYT today, in which he ruminated on the testimony offered before congress by some of the leading banking executives, and concluded the following:
Do the bankers really not understand what happened, or are they just talking their self-interest? No matter. As I said, the important thing looking forward [...]

This week, I started a new job as Sr. Manager at Accenture. I’ll be working in Accenture’s Security Consulting Practice, focusing on Identity and Access Management. So my new role is basically a continuation of my career for the last dozen years, but at Accenture it’s also an opportunity to get involved in some of [...]