Welcome to BlogNotions' IT Security Blog

The BlogNotions IT Security Blog delivers a diverse series of perspectives provided by thought leaders in the security industry. Presented by NetLine, this forum delivers compelling updates on the latest technology and software, best practices for safeguarding data, recommendations for choosing various solutions, and much more. Here you can find helpful information, ask questions, and collaborate freely.

Security and Usability

I’ve become very focused on the nexus between security and usability. I was interviewed for an article in The Guardian last year. “Security needs to learn from design by doing focus groups, having conversations and putting itself in the perspective of the people who will use this system,” he said, adding that it isn’t the […]

More Printer Security Talk

If you don’t have the context, read my previous post on comparing printers to VoIP—i.e., it’s another computer on our network. Now that you are in the right mindset, look around your office and see if you see a printer sitting somewhere. It might even do copies, scanning, and faxing. Super fancy ones might even […]

That Printer is gonna GIT ya!

Of all of the devices we have out there on our networks, is it going to be printers, cameras, and thermostats that cause our undoing? “Wait… did you say, PRINTERS!?! Are you off your rocker, Brando?” (Image: Do Not Turn The Copier Off, by Michael Pereckas) That was one of the key warnings that came from […]

More EMV Bypass Fun

Stay Classy, San Diego! So I’m sitting here in San Diego, which we all know is German for… never mind. As I pay for my lunch, I present my chip card and there is some kind of error. I know I entered my PIN correctly, but it immediately came back as failed. The bartender taught […]

Can You Afford to be this Slow?

In April, 2014, CVE-2014-0160 was released, better known as the Heartbleed bug. Heartbleed is devastating – it can reveal sensitive information not just of the user, but anything on the machine. In practice it has been used to export private keys for TLS/SSL certificates. These stolen private keys can then be used to impersonate a […]

PCI Compliance, Version 3.2 Now Available!

Well folks, it’s finally here. What started as an experiment back in April has finally come to fruition. I’m happy to announce that PCI Compliance, Version 3.2 is NOW AVAILABLE! If you order via the CreateSpace bookstore, please use coupon code 4JRH748R for $2 off through the RSA Conference. You can also order it via […]

Welcome Back

After a long hiatus, Security Musings is returning to its roots. This blog is going to be equal parts education and entertainment – you’ll learn some things, and you’ll learn some things that make me angry. I won’t follow a set frequency although I intend to post at least twice a month. The look and […]

Are you using frameworks properly?

The concept of frameworks gets bandied about frequently. So much that often the actual substance in focus is less framework and more… well, I don’t know. Let’s call it an attempt to define how people should get things done. The confusion over frameworks gets us into trouble. The Straight Talk Framework is a system for success. […]

Conference Wrap-Up, 2016

As we get ready to close out 2016, there have been quite a few events I have neglected to post here. I know I owe a larger update and more tools soon, but here’s one in the meantime to recap October and November. For this post, I’m taking a cue from Bill Brenner and supplying some […]
