Category: Security
The Power of 1 Slice of Bread
Every wonder why there aren’t as many open-face sandwiches for sale in your local supermarket. No?…..well, it’s political:
The upshot is – by adding one more piece of bread, sandwich manufacturers can sell their product without explicit approval from a government acronym and get inspected every 5 years – rather than daily.
Feeling Temporarily Secure
I’ve been to handful of airports – the underlying architecture of them all is: open, flowing, permanent.
The ironic exception is the airport checkpoints – like pop-up stores in malls. Foldable tables, movable queue markers, equipment on wheels – makes it feel so temporary. Like it just might packed up and gone tomorrow.
A Cry for Help
If a month-old baby going through an x-ray machine can’t bring a heavy dose of common sense to the TSA, what will?
What’s Your Traveller Risk Score?
We’ll Get Better Security When it Makes Business Sense
Security is Really Customer Service in Disguise
A confused, elderly woman with a full, knotted, plastic shopping bag was in front of the scanner. The security checkpoint line out of Minneapolis stalled as I put all my stuff in multiple bins.
When a uniformed TSA person asked her if she had a boarding pass, she mumbled the need for help getting a ticket for Transworld Airlines.
“I can’t help you ma’am, I’m the supervisor and I could lose my job if I left my post.”
After a couple exchanges identical to this, the supervisor thankfully handed the woman off to another TSA person.
Reminded me how customer service is smarter, cheaper, more effective, and generally happier than level-orange security.
Reminds me, why are airports so dreary and generally unhappy. Thankfully, Ze Frank gave me the airport smile I was looking for.
PopSci Delivers Geek Triumverate
PopSci Podcast #14: Jonathan Coulton asks Bruce Schneier about the risks of snakes on a plane.
No Passengers Equals No Threats?
A terrorist threat is thwarted in London.
The reaction here and there – making flying more uncomfortable for everyone else, heighten the ‘threat alert’ to ‘red’ (because something might happen we’re not aware of? – hmmm. I felt more secure).
Seems that with the plot foiled, we should be _safer_ in the immediate short term – not less so.
Bruce Schneier on the new no carry-on rules (as always, read the comments).
Doc Searls from the front of the line…er front lines. Good luck Doc.
As always, insightfulness and thoughtfulness on risk comes from our comedians – Ze Frank on Red810.
Thomas P.M. Barnett on the terrorists’ success being the disruption they caused.
Great stuff from Rex Hammock:
Advice to Web Developers: Forget the Password
This weekend while wandering down the aisles of our local Super Target, we found a dinner table and a side board we though would go great in our living/dining room. After checking out, a couple of teenage boys wheeled the still flat-packed pieces to our awaiting PT Cruiser.
Now, after flattening the inside of the car, both pieces fit. Though either Jen or myself wouldn’t. We kindly asked the boys if they could hold the pieces until I returned.
Sure.
After dropping Jen and the little man home, I returned to pick up the furniture – now in the Customer Service area.
“I’m here for those pieces.”
“Do you have the receipt?”
“No.”
We chatted for a bit, trying confirm that the pieces were in-fact mine and paid for sans receipt.
I told her we couldn’t take them before, because we couldn’t get them both in the car.
She called over the same teenage boy and off we went.
One of my bigger irritations these days is with the number of passwords I need to remember to try out the latest browser-based Web2dotOhGodNo beta.
Frequently, there’s no real need for a specific web service to require registration of a unique identity, let alone I’ve already generated a pile of them elsewhere (can’t I use one of those?).
Sometimes, my browser will pre-populate the login/pass – that’s great while at the same time completely defeating the purpose of security. Security and identity are separate concepts, though security may confirm identity, there are other ways.
Point is the two concepts are mixed up so much there’s an inherent security problem.
The more passwords I create, use, manage, and remember on a regular basis, the greater the chance I’ll use something like “1234” and the whole ecosystem becomes insecure.
I’m using Apple’s Keychain Access to store passwords both me and my browser have since forgotten. Passwords for trials that have expired and services that no longer exist. Thing is, I’m far less likely to click ‘forgot password’ than I am to never return (Who knew Friendster was still around?).
Forget the password, it’s a security risk for customers and a barriers-to-entry for providers.
ELSEWHERE: