Blog:TheSecurityMachine

Digital and Physical Security Consulting and Training

Two Cyber Security Secrets about the FBI v Apple Case

Speaking as a cyber security professional, there are two “secrets” about the FBI v Apple case that seem obvious but don’t appear to have much visibility in the news.  (1) If you want to break into an encrypted device you hire people who do that for a living not the manufacturer, and (2) if a…
Read more

How to Get Control of Your Accounts

As we continue to use services of different companies, we end up with more and more accounts.  Getting control of all of those accounts can be a very difficult task.  Here we mention one method and explain an second one in detail. Both will work, but each one has strengths and weaknesses. The list of…
Read more

Happy Birthday MEI Security

Mabuhay Enterprises Inc. was formed nine years ago, on February 10, 2007.  Since then we have continued to help our customers understand risk and secure their infrastructures.  What started as a small, part-time endeavor has grown to serve multiple customers, and is on a path to serve many more customers in 2016. In the coming…
Read more

Apple vs FBI – After They Break The Encryption

Let’s assume that Apple does help the government subvert the security of iPhones by getting them into this one device.  This is not Apple’s specialty.  I wouldn’t hire a safe builder to crack into a safe.  I’d hire a safe cracker, but that’s just more about how the government is being disingenuous when it says…
Read more

How to Answer Secret Questions

Many accounts permit or require users to answer so-called “secret questions”.  The idea is that you can provide answers to questions so that they can verify that it’s you answering the questions.  Unfortunately for most of these questions the answers are easily obtained by an attacker.  Here we discuss how to prevent those attacks so…
Read more

Apple vs FBI – Infosec Failure for San Bernadino

While much of the argument about the iPhone data centers on whether Apple should comply with an order to break their own protections, companies which own phones should note that the real failure is that of San Bernadino County’s information security policies and procedures.  They permitted their property ( the iPhone ) to be used…
Read more

Apple vs FBI – Not About Just One Phone

There seems to be some question about Apple refusing access to a single phone.  First of all, let’s be clear.  The failure is that of San Bernadino County.  They own a device, the phone, which might contain information useful for a federal investigation.  They can’t get into their own phone.  Consider that the phone is…
Read more

How to Choose Good Passwords

With our continued reliance on passwords, it is still a good idea to select good, secure, and memorable passwords.  It’s also very important to change them periodically.  We’ll cover some suggestions on selecting good passwords that naturally expire, and we’ll cover a bit about password safety. There is no such thing as the perfect password,…
Read more

MEI Security Vision Statement

The world can be dangerous.  We help organizations and people to conduct business and to live more safely and securely in today’s world. We do this by helping our customers understand the risks they face, providing clear assessments of their security, and helping them take steps to minimize their risks in ways that fit their…
Read more