After a large company that has your data gets breached, the standard next step is to give you credit monitoring.
It’s not enough to protect yourself, but you can make it enough. Read more
Having trouble installing Windows 7 from USB? Disable USB 3.0.
I had trouble installing Windows 7 from USB on an Asrock Q1900M motherboard. It was the most difficult time I’ve had in years. Creating a bootable USB stick from my Win7 DVD went flawlessly, and the Asrock booted off it just fine by hitting F11 to pull up the boot menu, but then Windows prompted me for a driver, and when I navigated to the drivers directory that Asrock provided, none of the drivers would load. The mouse didn’t work either, and the only reason the keyboard worked was because I still use PS/2 keyboards.
The solution was to go into the UEFI, dive into the USB configuration, and disable USB 3.0. After I did that, Windows could see the USB drive and other USB devices just fine. This issue is likely to get more common as time goes on.
If you use Truecrypt, migrate to Veracrypt
I’m playing catch-up with this one, but if you’ve been relying on the quasi-open source Truecrypt encryption solution, you need to migrate to Veracrypt as quickly as possible.
For some reason, it doesn’t seem to be common knowledge that Veracrypt is derived from Truecrypt and is, for all intents and purposes, the successor to Truecrypt.
Change a headline, go to prison
A former journalist whose track record includes being fired from the Tribune Co. and from Reuters is facing two decades in prison for giving the hacking group Anonymous credentials to log into a Tribune web site and change stuff.
Anonymous changed one headline, and it took about 40 minutes for someone at Tribune Co. to notice and change it back.
It reminds me of something that happened at the newspaper where I used to work.
A sports analogy for security
Explaining security is really hard, but sometimes a sports analogy helps. Here’s an appropriate sports analogy for security.
Imagine you’re playing a sport. The sport doesn’t matter. What matters is you’re playing, and so is the opponent, and you have to follow the rules while they don’t. But you still have to prevent them from scoring.
But it’s more complicated than that. Imagine there’s another game going on, either adjacent to the field or within the field. That’s the business. Whatever you do can’t interfere with that second game, and you also have to keep your cheating opponent from interfering with that second game. And your success at preventing interference with that second game is how you’re going to be judged.
Vigilante router security
Last week, Symantec discovered a worm that infects routers and takes measures to make them more secure. For lack of anything else to call it, Symantec is calling it malware, and most of the security echo chamber is probably howling over this, but I think I understand why it was created.
Flash vs Shockwave
Bad things happen when security pros like me start asking our infrastructure brethren to patch Flash. We get better security, but the Flash upgrade fails enough of the time to cause extra workload, and it can be confusing. One of the problems is the question of Flash vs Shockwave.
Consequently, I see more Flash-related helpdesk tickets than I ever saw, even when I was doing desktop support long ago. Adobe doesn’t make it any easier by calling the plugin “Shockwave Flash.”
DD-WRT needs to be saved, but I won’t bet on it happening
A college classmate asked me if there’s anything to the stories that DD-WRT might potentially get locked out due to new FCC regulations. (Link removed in retaliation for Conde Nast’s 11/3/2025 layoffs. Sorry not sorry.)
Unfortunately the answer is yes, there may be something to it.
My garbage disposal adventure
Changing a worn-out garbage disposal can be a 10-minute job–assuming you anticipate everything, use the same brand as the old one, you know what you’re doing, and the person who installed the old one was at least as competent as you.
It didn’t quite work out for me like that the last time.
A collection of hacking e-zines, new and old
I found this collection of hacking e-zines a while back. Some are new, some are old. Some are series and some were one-offs. If you’re interested in the early days of hacking, or the undercurrents of today, it’s not a bad place to peruse.