Surprising security issue at Host Gator

I recently signed up for – and promptly dumped – Host Gator.  The QOS (Quotient of Suckage) was off the chart but in this post I’ll focus on a surprising security exposure that was revealed in the process.

[Read more…]

What’s Holding Up The Internet Of Things?

What’s Holding Up The Internet Of Things? This question was posed by in a blog post where he concludes IoT’s problem is that there is “no lingua franca.” The blog post mentions several competing protocols and scores big points for mentioning Pub/Sub at all and for generally getting IoT issues almost right. But he concludes the turning point will be “will be when economic incentives push device makers to share access to their controls and to the data their gadgets generate.” That’s not entirely accurate. Those economic incentives exist today.Here and now. The question is “on whose terms?” It isn’t that the economics need to change. It is that device manufacturers let go of the idea that they, and not the device user, are the first owners of the device data.

What is holding up the Internet of Things is that people do not want to buy devices that deeply penetrate their veil of personal privacy and then send fine-grained data about them back to device manufacturers.

[Read more…]

Do We Need an Alternative to HTTPS and TLS?

“Do We Need an Alternative to HTTPS and TLS?”  This question came up in the Personal Clouds list recently.  Thanks to the well publicized problems with Certificate Authorities, variations on this question are a common theme among many of the communities in which I participate.  The CA has become the whipping boy for all the ills of authentication and network security.  Let’s just get rid of it, right?  It’s not that simple.

[Read more…]