Skip to main content

The WiKID Blog

Viewing posts tagged Strong Authentication

selection-bias-and-information-security

I read an interesting post about risk strategies and selection bias that made me think about some short term thinking often seen when investments in information security are deferred. Patri Friedman discusses poker strategies in light of selection bias:

You see that if you look at the performance of many businesses w.r.t. a risky practice that is a bad gamble, you can find the slightly negative trend line. But what happens if you consider only those businesses still around? This happens accidentally all the time - after all, its much easier to survey those businesses. The result is that you eliminate the worst failures of the practice you are examining, leaving a falsely positive impression.

The same thing happens in the poker tournament world. Certain styles of play trade EV for variance, allowing people to build up huge stacks occasionally, but usually go bust. Such players often win tournaments - but that doesn’t mean they are playing right. How many times do they fail for each victory? Do they fail more often compared to the money they win than a more conservative player? Some of these “maniacs” are smart players, carefully choosing their gambles and maximizing their returns. But some of them, frankly, are just maniacs, gambling and getting lucky, and giving the false impression that high-variance play is the way to go, because we don’t notice the hundreds of people playing that way and losing.

stealing-real-identities-to-earn-virtual-items-to

The ability to sell virtual items earned in virtual worlds for actual money is creating identity theft problems, particularly in Korea.

t-mobile-hilton-follow-up

From the washingtonpost.com:

tower-group-pushes-two-factor-authentication-for


Clearly, we need to do a better job of promoting WiKID.

validating-online-transactions-with-two-factor

There has been much discussion recently about session hijacking attacks. Briefly, a trojan sits on your machine and when you go to an online banking URL, the trojan kicks in and makes a fraudulent transaction inside your SSL-encrypted sesssion. Pretty strong strong stuff, seemingly.

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom