Who Is The Least Secure Employee In Your Web Company?

careless employees

Dark Reading has a thought-provoking post up about the popular buzzphrase “insider threat”, and, to the point, how it really doesn’t make sense as a term. The post advocates for a more fine-grained approach:

  • rogue employees – This is actually the darkest prospect, and yet entrepreneurs fear it the most while it actually happens the least.
  • security loss through incompetence – now we’re talking!
  • just plain leaks – through, for instance, trusting a third party and then their incompetence exposed you to risk.
  • outside attacker penetrating inside – really, every outside threat aims to become an inside threat.

Experience has proved out time and again, that under-trained or careless employees are the greatest threat vector. For every “Hollywood hacker” trying to get into your site, there’s a hundred receptionists setting their password to “1234”, a hundred associates using a malware-infected Windows PC to send mail, a hundred security guards who aren’t watching what they should, and a hundred coders who left a gaping exposure to XSS in your web page. It’s ridiculous to treat malicious attackers and mistakes all the same way.

Kiss Flash and Silverlight Goodbye on Windows 8

Windows 8

Did you ever think you’d live to see the day when you’d read this headline? Here, wait, let’s hear it in OSNews’ own words first:

“The world’s most popular operating system will not be receptive to Flash, and Microsoft openly stating Flash is history pretty much means that as a platform for the web, it’s done. Flash may still serve a purpose in other ways, but the Flash most of us know and hate – that’s gone.”

Wha… ? Done? Gone? Flash? DOA? Belly-up? Bereft of life, resting in peace?

Yes, the MSDN developer website seems pretty sure about this. HTML5 is where it’s at now. Throw away those O’Reilly Actionscript manuals and beef up on your HTML5. Meanwhile, Apple Insider can barely keep the gloating out of its coverage of the story.

The hilarious irony in all of this? Linux, the platform the Adobe despised the most, is now the only platform that will give the time of day to Adobe. So, ah, Adobe, do you suppose Firefox Ubuntu users can expect their Flash plugin update on time for a change?