Answers to a few questions from my server logs:

My bank has the worst security for their online banking. Honest.

I just finished a fresh Windows XP SP2 install… Now it’s doing the 65 critical security updates that have been released since SP2.

I love the Drupal CMS. One of my favorite features of Drupal is the ability to do a multisite install. Several sites can share one codebase. Updates are easily rolled out to every site simultaneously. Overall, it’s a wonderful idea. But I have some problems with the implementation…

Cliff Stoll, the author of The Cukoo’s Egg points out that the most common vulnerabilities are the ones that come by default on a machine. DEC’s Vax computers came with three system accounts, all with a default password. The system never forced the administrator to change them. For the most part “Hunter,” the hacker he chased for over a year, didn’t use sophisticated tools or brute force. He tried the front door, which was usually wide open.

There are entire industries that capitalize on our insecurity about security. These companies prey on our fears as a society by exaggerating both the probability of an attack and the effectiveness of their solution. we need an illusion of security.