Public Key Infrastructure Digital Signatures and Systematic Risk  

The last few years have seen very considerable developments in the networks and technologies of electronic commerce, matched by the promotional and regulatory initiatives of international and national government towards electronic commerce. Of particular note have been the technological and regulatory developments in relation to public key cryptography and digital signatures. These regulatory developments arguably represent a promotion of an emerging Public Key Infrastructure as an international open network infrastructure for digital signature authorisation in electronic commerce. However, over the same period concerns have been growing in other international open network infrastructures, such as banking and finance, that such strongly inter-connected and inter-dependent infrastructures may be subject to systematic risk. Indeed, it appears that vulnerability to systematic risk is a characteristic of any complex open network. Therefore, the question can be posed whether the emerging Public Key Infrastructure is also vulnerable to systematic risk.

Murray, Jamie. JILT (2003). Articles>Communication>Open Source>Security

Responses to "Alienation"  

In the April 2003 issue, Intercom printed a hypothetical dilemma by John G. Bryan entitled 'Alienation.' A summary of this story appears in the box on this page; reader responses appear below. The responses do not reflect the views of STC's ethics committee and may have been edited for length.

Bryan, John G. Intercom (2003). Articles>Workplace>Ethics>Security

Scalable Exploitation of, and Responses to Information Leakage Through Hidden Data in Published Documents  

In considering the leakage of information through hidden text mechanisms in commonly used information interchange formats we demonstrate how to automate and scale the search for hidden data in Word documents. The combination of this scaling with typical behaviour patterns of Word users and the default settings of the Word program leads to an uncomfortable state of affairs for Word users concerned about information security. We discuss some countermeasures employable by users and note more general consequences of these effects.

Byers, Simon. User-Agent (2003). Articles>Word Processing>Security>Microsoft Word

Securing a MySQL Server on Windows

Windows servers can be difficulty to keep secure. The intent of this article is to list the steps that an administrator can take to properly secure a MySQL installation on Windows. While the procedures listed are written for Windows users, the principles contained herein will be of benefit to users of Linux and Unix as well.

Hillyer, Mike. MySQL (2005). Design>Information Design>Security>SQL

Security and Human Factors

A big lie of computer security is that security improves as password complexity increases. In reality, users simply write down difficult passwords, leaving the system vulnerable. Security is better increased by designing for how people actually behave.

Nielsen, Jakob. Alertbox (2000). Articles>Web Design>Usability>Security

Smarter Image Hotlinking Prevention

Tthe usual approaches for preventing hotlinking (hijacking) images have a couple of side effects. This system works much better.

Scott, Thomas. List Apart, A (2004). Design>Web Design>Security>Graphic Design

Technical Communication and Encryption: Adding Value to the Technical Communicator's Job

Working on a global scale might give you the opportunity to add value to your technical communicator's job. In particular, when dealing with encryption on the Internet, you should be aware of restrictions which might have an impact on your documentation.

Flacke, Marie-Louise. TC-FORUM (1998). Articles>Documentation>Security

Types of Computer Viruses

A collection of fictitious viruses and their characteristics.

Glowport (2000). Humor>Computing>Security>Viruses

Untangling the Web: Hoaxes, Scams, and Rumors

If you've had an e-mail address for long, you've probably received a message (forwarded through a long chain of people) warning you about some dangerous computer virus that can infect your computer through e-mail. Some warnings even say that the virus will physically damage your hard drive or monitor. But they aren't true.

Ivey, Keith C. Editorial Eye, The (1997). Articles>Communication>Security>Viruses

User Education Is Not the Answer to Security Problems

Internet scams cannot be thwarted by placing the burden on users to defend themselves at all times. Beleaguered users need protection, and the technology must change to provide this.

Nielsen, Jakob. Alertbox (2004). Articles>Usability>Security

Viruses and the Desktop Publisher

Viruses are of particular interest to the desktop publisher because we frequently exchange disks with clients, open other people's Word files to edit them, and receive unsolicited files via email — all examples of 'at risk' behavior. Everyone should practice 'safe computing' and Windows users especially should make certain their anti-virus software is kept up to date. A list of vendors and informational sites can be found in the sidebar on the right.

Adams, Peter C.S. Makingpages.org (2002). Design>Document Design>Security>Viruses

Web Security Isn't Scary!

Security is the lifeblood of any web application and every online business. No matter how hard you work designing a great site, creating high-end content, building a lively traffic stream, and improving every aspect of your online business, it can easily be stolen away if you aren’t protected. Protecting your web presence seems like a daunting task, but there are simple solutions that any webmaster can do to increase security of their applications.

Robbins, Kyle. ReEncoded (2008). Articles>Web Design>Security

Workplace Surveillance and Managing Privacy Boundaries    

According to communication privacy management (CPM) theory, people manage the boundaries around information that they seek to keep private. How does this theory apply when employees are monitored electronically? Using data from 154 face-to-face interviews with employees from a range of organizations, the authors identified various ways organizations, employees, and coworkers describe electronic surveillance and the privacy expectations, boundaries, and turbulence that arise. Privacy boundaries are established during new-employee orientation when surveillance is described as coercive control, as benefiting the company, and/or as benefiting employees. Correlations exist between the surveillance-related socialization messages interviewees remember receiving and their attitudes. Although little boundary turbulence appeared, employees articulated boundaries that companies should not cross. The authors conclude that CPM theory suppositions need modification to fit the conditions of electronic surveillance.

Watkins Allen, Myria, Kasey L. Walker, Stephanie J. Coopman and Joy L. Hart. Management Communication Quarterly (2007). Articles>Workplace>Security>Privacy

Your Next Assignment: Computer Security Policy  

The recent rash of high-profile computer viruses and attacks has further exposed troubling weaknesses in computer security. The media and even some computer security experts would have us believe that hackers are the primary culprits against whom individuals and organizations must protect themselves. This article provides guidance for technical communicators tasked with planning, creating, and implementing computer security policy for their organizations.

Still, Brian. Intercom (2004). Articles>Writing>Policies and Procedures>Security

Yours Authentically...  

As electronic documents gain ascendancy, the authenticity of the author and the integrity of e-mail documents, which most of us usually take for granted, may become major stumbling blocks for ecommerce, e-learning, online training, and technical communication in the future. How can we be certain of the authenticity of electronic documents? While this problem exists equally for paper-based documents, given sophisticated scanners, software, and color printers, electronic documents are especially prone to tampering, mismanagement, and outright fraud.

Archee, Raymond K. Intercom (2003). Articles>Publishing>Online>Security

The Security Dilemma: Balancing Robustness and Usability  

Heisenberg's uncertainty principle says the more you try to know about a particle's position, the less you can know about its momentum. A similar dilemma affects IT security. It seems the more features you load into a product, the less usable it can be.

Henneman, Richard and Michael A. Hughes. Cutter IT Journal (2008). Articles>Usability>Security

Hidden Information for All to See

Just what kind of information about yourself and your company are you releasing for all the world to see? Shouldn't you know? Although it takes special forensic tools to access most hidden information in computers, some of it is in plain view without using tools to see it. This article is about one of the “plain view” instances: Information that Microsoft Word saves about you, your company, and the topic you are writing about – all of which anyone can see after accessing and opening your document.

Molisani, Jack. TechCom Manager (2006). Articles>Management>Security>Microsoft Word

How They Hack Your Website: Overview of Common Techniques

We hear the same terms bandied about whenever a popular site gets hacked. You know… SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine; a nefarious, impossibly technical twilight world forever beyond our ken? Not really.

Conroy, John. CMSwire (2008). Articles>Web Design>Security>SQL

Malware: Whether on the Desktop or the Web, It’s a Perception Thing

In this column, I’ll explore the user experience of malicious software, or malware. My position is that, like many qualitative attributes, malware is in the eye of the beholder. And, I’ll suggest a method that product or service developers can use to assess the risk that their users, the media, or the market at large might perceive their offerings as malware.

Sherman, Paul J. UXmatters (2008). Articles>Software>Security

Seven Habits for Writing Secure PHP Applications

Security in a PHP application includes remote and local security concerns. Discover the habits PHP developers should get into to implement Web applications that have both characteristics.

Good, Nathan A. IBM (2008). Articles>Web Design>Security>PHP

The History of Attachment Security in Outlook, Part 1

A partial history of why Outlook has so, so many viruses communicated using it, and how people at Microsoft thought to try and stop it. A study of why minor patches can't repair major architecture issues.

Lemson, K.C. KC on Exchange and Outlook (2008). Articles>Software>Email>Security

Configuring Information Rights Management for Messaging in Outlook 2003

Information Rights Management (IRM), a new feature in Microsoft® Office 2003, can help prevent sensitive information from being distributed to or read by people who do not have permission to access the content. In Microsoft Office Outlook® 2003, users can create and send e-mail messages with restricted permission to help prevent messages from being forwarded, printed, or copied and pasted. Microsoft Office 2003 documents, workbooks, and presentations that are attached to messages with restricted permission are automatically restricted as well.

Microsoft (2004). Articles>Software>Email>Security

Captcha Usability Revisited: Google Inaccessible to Blind People

An online petition is being circulated to all Internet users for the purpose of collecting signatures showing support for Google to make its word verification scheme accessible to the blind and visually impaired.

Rønn-Jensen, Jesper. Just Add Water (2006). Articles>Web Design>Accessibility>Security

Encrypting Documents

How you can be like a super secret CIA agent and encrypt documents using Word 2007.

Microsoft (2008). Articles>Word Processing>Security>Microsoft Word