10 ways spam is like vuvuzelas (the World Cup horns)

If you've been glued to the World Cup, you'll know that there's more to the matches than soccer (football for our international audience). I'm talking about those incessant horns -- the vuvuzelas. They're really catching people's...

06/30/10

Is it illegal to bypass spam filters? Vonage hopes not.

"You Could Save up to 50% on Your Phone Bill!" screamed an email from Vonage. Naturally, users complained this unsolicited, bulk email was spam. But some spam filters weren't having it -- a surprising number of these messages reached...

06/23/10

AT&T iPad privacy breach: Goatse email "theft" thoughts

In this week's Security Levity, I want to talk about the recent AT&T Apple iPad privacy breach, as discovered by Goatse Security. I also want to talk more generally about how companies often leak their customers' email addresses....

06/16/10

Outbound spam: hard data illustrates real risks

In today's Security Levity, I've got more on the outbound spam problem. Back in April, I argued that it's critical for networks to block outbound spam, to protect your reputation and the deliverability of your email. I also said that...

06/09/10

Tabnapping: don't be scared of new phishing trick

In this week's Security Levity, I want to address the fears raised about a new phishing trick. Dubbed tabnapping, it was recently dreamed up by Mozilla's Aza Raskin. Commentators around the web are worrying about its potential. But...

06/02/10

Ask Amir #5: How to deal with gray reputation?

In this week's Security Levity: a reply to a couple of reader questions about spam filtering techniques. Specifically, the types of techniques that can be used when the sender's reputation is 'gray'. What do I mean by 'gray'...

05/26/10

Real-world DLP: people are a problem

In this week's Security Levity, the second part of my interview with Abhilash V. Sonwane, vice president of product management at Cyberoam. Abhilash has extensive experience building data-loss-prevention solutions that help...

05/19/10

Spammer tricks: unnatural acts with spam filters

This week's Security Levity is a follow-on from last week's. I want to talk about one more spammer trick: how they misuse spam filters, to try to get delivered to the inbox. Spam filters are great. The best ones protect our inboxes...

05/12/10

Spammer tricks: link shenanigans

In the next two weeks' Security Levity, I want to cover some more tricks that spammers employ to avoid spam filters. This time: messing around with the embedded web links in their messages. Most spam filters include a link...

05/05/10

Real-world email defense in depth: keep it simple, stupid

In this week's Security Levity, I'm interviewing Cameron Brown, the VP of engineering at Sendio. Cameron has been architecting email protection systems for many years; he has an interesting perspective on balancing simplicity with...

04/28/10

Latest spam zombie research data

In this week's Security Levity, I want to talk more about zombies and botnets, sharing the results of some research we've been doing into this problem. I'll also pass on some encouraging recent news that hasn't gotten the attention...

04/21/10

Why is spam filtering such a challenge?

This week in Security Levity, I'm digging further into the topic of spam filtering technology. Today, I want to talk about why spam filtering seems to be such a continual challenge for filter vendors. I mean, we've been filtering...

04/14/10

Outbound spam: the canary in the coalmine

Earlier in Security Levity, I argued that you should block outbound spam, because otherwise your legitimate email may go unread. Here's another reason why you should control outbound spam. As I'll explain in this post, it isn't only...

04/07/10

How good is your outbound spam protection?

This week on Security Levity, I want to talk about a recent trend in spamming and spam filtering, which has important implications for people who run email networks -- be they corporate or consumer. In summary: it's now critical for...

03/24/10

Text message spam: is it a big problem?

In this week's Security Levity, I want to talk about spam again -- not email spam, but spam sent via SMS. Also known as text message spam. I want to get to the bottom of whether SMS spam is as big a problem as email spam -- and if...

03/17/10

Ask Amir #4: What's a Web reputation service?

This week in Security Levity, I want to talk about 'Web reputation' and how it's used to protect users from malicious Web sites, or sites with malicious content for some other reason.   History tweetmeme_source = "AmirLev";...

03/11/10

Real-world PCI-DSS: identity is key

In this week's Security Levity, I'm interviewing Abhilash V. Sonwane, vice president of product management at Cyberoam. Abhilash has extensive experience building credit card data loss-prevention solutions that help organizations...

03/03/10

From security to statistics and back

When you look at security vendors that detect malware, you can split them into two separate camps. Vendors differentiate themselves in many ways, but this week in Security Levity, I want to talk about one particular philosophical...

02/17/10

Ask Amir #3: Is challenge/response the ultimate anti-spam technique?

This week in Security Levity, I want to respond to a request to talk about a particular anti-spam technique. A technique that claims "100% spam detection." Throughout the history of spam filtering, we've seen countless ways of...

02/10/10

Security lies #1: "You're protected from newly-infected web sites"

From time to time, I hear security vendors make claims that make no sense. In fact, let's not mince words: I sometimes hear security vendors lie. There, I said it.This week on Security Levity, I want to talk about one such example....

02/03/10

Load More