SiS Logo

My Digital Identity

Sharp Perspectives on Identity, Security, and Privacy

Apple IOS is an Example of Trustworthy Computing that Started with Microsoft

Anil Dash has written another excellent article that provides a short history of trustworthy computing. It is illuminating because:

  • It explains how Apple’s IOS is an example of a new computing model based on trustworthy computing principles
  • It gives credit to Microsoft research for establishing some of the principles of trustworthy computing.

Another theme that comes from the history lesson is the importance of branding and reputation on being an innovator. Microsoft’s bad reputation in the security area made it difficult for them to advance trustworthy computing because the industry was suspicious of their intentions. Apple is able to make the advances due to their product success track record but even in their case there are a lot of suspicions by people comfortable with previous models on what Apple’s intentions are and how they might abuse the capabilities.

Some vigilance is justified as with many security capabilities they can be can have both positive or negative attributes depending on how they are applied.

SMB Security Knowing-Doing Gap

A survey of 2000 small businesses in the US and UK shows a gap between security awareness and action.

Security software company AVG surveyed a sample of 2,000 SMBs in the United States and United Kingdom and found that not only do more than half have no security guidelines, but that “1 in 7 have no Internet security software or solutions in place at all.”

Notably, 83% of respondents in AVG’s survey said they were aware of the importance of Internet security, yet not all of them had preventative solutions in place.

67% of respondents are considering moving to cloud-based services in the future.

The results for Canadian small businesses are probably similar or perhaps worse since Canada has often lagged in technology deployment.

Not surprisingly another survey from a security vendor (Panda Security, a company specializing in cloud security) shows that 33% of 315 SMBs surveyed have been infected with malware – mostly through social networks like Facebook.

Symantec and Panda have cloud based anti-malware services suitable for small business and AVG provides free anti-virus software for personal computers.

Experiments Testing Airport Security Theater

Another expose on the ineffectiveness of airport security. The extra mile would be to suggest what should be done for a difficult problem of delivering effective security while not overly inconveniencing people and jeopardizing air travel business. This article at least mentions a few things that have worked and makes some suggestions. At the same time people are complaining more and more about the invasiveness of airport scans.