Category: internet security

Posted on

Why we are Looking at Post-Quantum Cryptography Now

Logging pipelines carry some of the most sensitive operational data inside modern infrastructure. If an attacker can read or manipulate those streams, they gain deep visibility into the system.

Global network map with cyber attack streams colliding against a geometric shield representing post-quantum cryptography protection.

The Internet has always been a battlefield. It was even designed to be war-resistant and with commercialisation in the late 1990s it became also attractive to a large number of additional malicious actors. Today, cyber warfare is in a sense even stronger than a hot war. It now is important to keep up with bad actors. In the age of quantum computing, this also means support for post quantum cryptography (PQC).

Continue reading “Why we are Looking at Post-Quantum Cryptography Now”
Posted on

Security Theater at the Download Page

(See CS summary at the end.)

I needed to download VMware Workstation Pro for a new test environment. That now requires a Broadcom account. Registering that account did something that, in practice, pushes users toward weaker security – and it is also counter-productive for a “free download” funnel.

A laptop screen showing a password field where pasting is blocked. A broken padlock icon signifies this leads to weaker security.
Symbolic image: Blocking paste in password fields counterintuitively leads to weaker security. (Image: Rainer Gerhards via AI)
Continue reading “Security Theater at the Download Page”
Posted on

Internet Security … back in 2000

Wanna travel back in time? I just dug out one of my Internet security presentations from May 2000. It was aimed at the executive level, so there is not much technical detail in it. It is unfortunately in German, but non-German-speakers can probably still grasp the ideas.

Looking at it 13 years later, I have the feeling we have not so much evolved. Many of the issues still persist, even fake mail is still used – but to a far-less extent than what it was in 2000. At least business users (and mail systems) handle this decently … most of the time ;)