I just came across this piece from NewsFactor: Is Heartbleed the Biggest Web Security Threat Ever? and couldn’t help but chime in. Contrary to popular hype, I don’t think the biggest web security issue we face (now or ever) is a technical problem…instead, it’s something with hair on top like I talked about here.
As with the hype over the Target breach and the gloom and doom over Windows XP’s end of life, it’s never the hard-to-find, technical stuff that many people believe is at the “heart” of our security woes. Instead, this issue, like most others in life, can be distilled down into a much more basic form. We’re our own worst enemies…
P.S. Wouldn’t it be weird if the NSA is somehow tied to this vulnerability…? 😉
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”