Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Always the same stupid, stupid mistakes (Score 2) 102

by ahoog (#41277333) Attached to: WhatsApp Is Using IMEI Numbers As Passwords
They don't even have to ask. After years of doing mobile security audits, we complied 42+ best practices for secure mobile development and posted it free online. It's just that secure development takes extra time (and talent) and very few are willing to make that commitment.

Comment: Use appWatchdog to check individal app security (Score 1) 173

by ahoog (#36201208) Attached to: Ask Slashdot: Android Security Practices?

We examine mobile app security using forensics and post the results free on our appWatchdog page:

In a few weeks, we will have an "appWatchdog app" available for Android which will scan installed apps and advise which store your personal data insecurely. This is good practice in case of a lost phone or remote exploit which can gain access to /data/data.


+ - Data Theft Common By Departing Employees->

Submitted by
Andrew Hoog
Andrew Hoog writes "The Washington Post recently released an article about research from the Ponemon Institute finding nearly "60 percent of employees who quit a job or are asked to leave are stealing company data".

"Sixty-five percent of those who took data from their former employer grabbed e-mail lists. The next most frequently stolen data included non-financial business information (45 percent), customer contact lists (39 percent), employee records (35 percent) and financial information (16 percent)."

These risks are real however as the owner of a computer forensic firm, it's difficult to get companies to realize the risks (ever heard "it won't happen to us"?). I recently started cataloging security breach articles focusing less on the sensational and more on the every day risks. Any thoughts on how else to bring the every day security breaches to the attention of decision makers?"

Link to Original Source

+ - Free iPhone Forensics White Paper Available->

Submitted by
Andrew Hoog
Andrew Hoog writes "I just released a free 101 page white paper on iPhone Forensics. The paper provides a technical review of six forensic tools (one technique is non-commercial) and reveals the sheer volume of information discovered on the phone. This paper is ideal for IT administrators, forensic analysts or anyone interested in recovering data from the iPhone. After registration, users can also participate in our mobile forensic forums for support and further discussions or review the many computer/mobile forensic HOWTOs available on my blog."
Link to Original Source

Simplicity does not precede complexity, but follows it.