Thursday, December 29, 2016

Silver linings: 2016 in pictures

2016 in photos

2016 has been a bugger of a year for many. Rather than stew over the loss of family members, friends, and icons of our adolescence, my cousin asked a simple question: "what's the best/coolest thing you did in 2016?" I thought to reply with a picture - but as I scrolled through my camera roll I found it has been an amazing year of memories, too many great experiences to pick just one picture. So here are some smile-worthy pictures from my family's 2016!

If you like these, my Instagram account is entirely things that make me smile or laugh. Cyber security exposes me and my peers to a constant flood of bad news and never-ending threats. This is one way I stay mentally healthy.

Tuesday, December 13, 2016

"Ho! Ho! Ho!" or "Oh No No!"

Here are a few holiday tips to make sure "Ho! Ho! Ho!" doesn't turn into "Oh No No!"

It's December! A time for family gatherings, vacation travels, Christmas shopping - and holiday scams. Here are a few tips to make sure "Ho! Ho! Ho!" doesn't turn into "Oh No No!"

Wednesday, December 7, 2016

Six steps to block credit card fraud

Credit Card Fraud spelled out using Scrabble tiles

Just over a year ago, I put together a simple guide to dodging financial fraud; it quickly became one of the most popular posts on this site. Given some recent cyber events, now seems like a good time for an updated version.

How many times have you replaced your credit or debit card after the number was stolen?

Now how many of those times did you suffer actual harm due to the fraud?

Credit card fraud is frequently in the news - perhaps less now than it was two years ago, but it still remains a hot topic. Between Target, The Home Depot, Sears, Dairy Queen, Wendys, Cici's Pizza, Goodwill, Trump Hotels, Hyatt, Hilton - the list of businesses whose payment systems were breached to steal card numbers goes on and on.

In a widely-circulated news story this week, researchers at UK's Newcastle University discovered a way to collect Visa card numbers without breaching a merchant. Generally speaking, a card number cannot be used online without also knowing the expiration date and the 3- or 4-digit code on the back. Visa's payment network will block repeated attempts to guess the expiration and security code coming from a merchant - but does not detect guessing attempts spread out across many merchants.

The result is, by automatically and systematically generating different versions of security data for a card number, and trying the different combinations across thousands of merchant websites, a malicious hacker can successfully guess the correct combination of account number, expiration date, and security code in just a few seconds.

So what can you do to take credit card fraud off the top of your list of worries?

Whois David?

My photo

I have spent the better part of two decades in information technology and security, with roots in application developer support, system administration, and network security. My specialty is cyber threat intelligence - software vulnerabilities and patching, malware, social networking risks, etc. In particular, I strive to write about complex cyber topics in a way that can be understood by those outside the infosec industry.

Why do I do this? A common comment I get from friends and family is that complex security topics give them headaches. They want to know in simple terms how to stay safe in a connected world. Folks like me and my peers have chosen to make a profession out of hacking and defending. I've been doing this for the better part of two decades, and so have a high degree of knowledge in the field. Others have chosen different paths - paths where I would be lost. This is my effort to share my knowledge with those that are experts in something else.

When not in front of a digital screen, I spend my time raising five rambunctious teens and pre-teens - including two sets of twins. Our family enjoys archery, raising show and meat rabbits, and simply enjoying life in the Texas hill country.

For a decade I served as either Commander or a division leader for the Awana Club in Dripping Springs, Texas; while I have retired from that role I continue to have a passion for children's ministry. At the moment I teach 1st through 3rd grade Sunday School. Follow FBC Dripping Springs Kids to see what is going on in our children's ministries.