Cisco Blogs


Cisco Blog > Security

Trusted Intermediaries as Privacy Agents

Last week, an Internet Privacy Workshop was held at MIT, sponsored by IAB, W3C, MIT, and ISOC. About 60 people attended, including three of us from Cisco. In order to be invited to the workshop participants needed to write a short position paper on a topic relating to Internet Privacy. The position papers and the workshop covered a wide range of topics, and the papers are expected to be published in the near future. In the meanwhile, here is my submission, which ties closely to work being done in the identity field.

Users have different expectations with respect to privacy on the Internet. A disclosure of a particular piece of information that may be perceived by one user as an assault on their privacy might be considered entirely appropriate to another. The current methods we have for managing our personal information on the Internet do not lend themselves to that situation well; it usually falls on the user to review a (frequently lengthy) Privacy Policy and determine whether that policy is consistent with their wishes. More often than not, the user has to decide to accept a Privacy Policy they haven’t had a chance to read and fully understand, or has to trade their privacy for the utility of a service they want to use. This is one of the central principles of a concept known as Vendor Relationship Management (VRM).

Read More »

Don’t Let Others Tweet On Your Behalf!

December 9, 2010 at 1:55 pm PST

Hackers recently gained control of an Indonesian government Twitter account to falsely broadcast an impending, yet fictitious, tsunami in Jakarta, Indonesia to over 8,000 followers. While this was by no means considered a catastrophic event it certainly, I’m sure, caused a bit of chaos and disruption to the people in Jakarta and in the surrounding areas. Doesn’t this sound like the 21st century version of yelling “Fire” in a crowded movie theater? In any event, as is the case with any failures related to technology, there are some important lessons to be learned from this miscreant-generated Tweet…or shall we call it a “MisTweet”?

Read More »

Tags: , , ,

 The Changing Face of Data Center Security

Today, Cisco released Part 3, the final results from its Connected World Report, an international study on the expectations of workers in accessing social media and corporate information, and on the views of IT professionals about these trends. Part 3 is focused on data center, cloud computing, and virtualization trends. To view all results from the study, visit the Cisco Connected World Report.

Read More »

Tags: , ,

Cisco 3Q10 Global Threat Report

We’ve just posted the second installment of our Cisco Global Threat Report. The Cisco 3Q10 Global Threat Report covers the third quarter (July 1 -- September 30, 2010).  Where most threat reports focus on a specific vector (i.e. email, Web, desktop detections, etc.), our goal is to provide threat data across a wider segment to more holistically capture high profile events impacting the enterprise.

It’s a fascinating exercise, as it involves working with multiple teams across Cisco, combing through lots of data, and then painting a cohesive picture of what’s happening where.

Read More »

Tags: , ,

Network-Based File Carving

In this blog post you will first learn what file carving is and, with a simplified example, why it’s useful. Next you will learn how this powerful technique has been applied to the network and how its utility has been expanded beyond just forensics. We will talk about several tools in this article, but specific attention will be paid to the NFEX network file carving tool.

Read More »

Tags: ,