Why I Love and Hate Apple Maps in iOS 6

Apple surprised me with its Maps update in iOS 6. It wasn't just that it represents one of the few missteps that Apple makes but that Apple violated several tenets of its very well-honed brand foundation and reputation.

The debacle that is Apple Maps is epic with failures in three key areas: usability, data, and business decision-making. This posting expands on each of those areas.

Are Mobile Carriers Killing Business Security?

Mobile service providers, including Verizon Wireless, AT&T, and Sprint, know something about your smartphone that you don't.  What is this little nugget of information?  Service providers have no problem with selling you a supercomputer (a.k.a. smartphone) that they have no intention to protect.  It's not that they make it a secret or that the information isn't readily available, it's just that they know that you don't care, and they're right.  That's killing the ability for organizations to protect themselves.

The Problem with Google's Two-Factor Authentication

The media has rightly gone crazy over what what technology writer Mat Honan wrote in Wired called "My Epic Hacking." If you haven't read about what happened to Mat, then I urge you to check out the article and then try to calm down for a few minutes before moving on.

In a business that focuses on quick solutions to big problems, many bloggers and writers have focused on this one statement that Mat makes in his article:

"Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened…"

I don't doubt for a second that Mat is correct.  Google's innovative application of stronger authentication is a great resource and one that I began using just about a month ago after I found some kid in Houston constantly trying to access my Gmail account thinking that it was his.  (I'll rant about that some other time.)  But, don't think for a second that Mat's statement points to a solution.  It's not.

Defect Acceptance

Cybersecurity has been a hot topic for over a decade and only seems to be getting hotter.  When I meet new folks and mention being "in" information security, I cringe when I hear the standard response, "Oh, that's a really hot field.  I bet that there are a lot of opportunities for someone like you."  Well, yes and no.

Vampiric Security - Dead and Still Kicking

In my posting How Hacker Targets Become Victims on the InfusionPoints blog site, I implied a little secret about the information security industry regarding the tools that we've come to believe are absolutely necessary. They are not as effective as you typically think they are. In fact, many are slowly sucking us dry without providing much valued in return.

An Adventure in Cloud Security

I recently registered for a website hosted by a government agency that handles some of the most sensitive personal information available within U.S. Government. While the site is only a simple scheduling system, imagine my dismay when I received an email confirming my registration that included both my username in password in the email body. That email demonstrates that, despite all of the reported attention to security over the past several years, especially within the Federal Government, we are failing to build an effective information security culture.

Tackling the Untrustworthy Internet

Imagine that each of us would need a tank to safely drive on the road. We would be well protected from any obstacles that could come our way, but at the expense of speed, agility, and cost. We could also blow each other up, forcing us to buy bigger and better tanks all of the time to retain a consistent state of security. That's the kind of environment that companies face when using the Internet. Rather than being able to invest in economical transport, each has to regularly procure stronger individual protection to defend themselves. What went wrong?