Quotes of All Topics . Occasions . Authors
The definition of hate speech in some countries is problematic.
The reuse of passwords is the No. 1 cause of harm on the Internet.
Security people aren't brilliant; we aren't smarter than everyone else.
I think anybody who uses email in the center of our life needs encryption.
Adversaries will do the simplest thing they need to do to make an attack work.
Almost every OS X server service offers weak or broken authentication mechanisms.
Preventing surveillance of millions of people at a time is totally within our ability.
Internet advertising security and the fight against malware is a top priority for Yahoo.
People now know how important it is to build secure systems to underlie our civilization.
It turns out that we can build perfectly secure software, and yet people can still get hurt.
What we're trying to do at Yahoo is build our products so they're safe and trustworthy, not just secure.
Attackers are able to amortize the cost of exploit, malware, and infrastructure development across many targets.
Being a CISO is a tough job. I have the end responsibility for the personal information of over a billion people.
If you send emails to your spouse or your lawyer or family members, you want to have these messages be confidential.
There have been a lot of questions since the 2016 U.S. election about Russian interference in the electoral process.
There's a big focus in the security industry on incredibly sophisticated attacks and on very sophisticated threat actors.
There's always a momentum in how users do stuff. Making small changes can have huge knock-on effects for whole companies.
We have perfected the art of finding problems without fixing real-world issues. We focus too much on complexity, not harm.
I have spent my career building and improving secure, trustworthy systems, and I am very proud to be working on security at Yahoo.
I don't think it's wrong for companies to work with the government. What's important is being trustworthy and honest with customers.
We will continue to invest in our people and technology to help provide a safe place for civic discourse and meaningful connections on Facebook.
For most companies, they don't want to ever talk about security unless it's an absolute emergency and they've had a breach. And I think that's a mistake.
Developing safe products for people around the world will mean accounting for a much wider variety of devices, networks, infrastructure, and political environments.
The nice thing about my job being CSO at Facebook is that it is well understood here that there is not a trade-off between the trust people have in us and our growth.
I think... all of the best public cryptographers in the world would agree that you can't really build back doors in crypto. That it's like drilling a hole in the windshield.
Tech companies are famous for providing freedom for engineers to customize their environments & experiment with new tools... allowing for this freedom helps creativity and productivity.
While preventing the distribution of malware through advertising is one part of the equation, it's important to address the entire malware ecosystem and to fight it at each phase of its life cycle.
There are major funding gaps for security research generally, particularly when it comes to defensive security practices and tools that will contribute to the protection and defense of the Internet.
If you break into an oil company and you're able to find out what gas leases they're interested in, that could be a multi-billion dollar swing in value for one company over another a multi-decade period.
A lot of the people who are hacking on behalf of governments are doing so on a contract basis. And they also do other things. They will hack on behalf of spammers, and will just be hired for a specific job.
There are a lot of Yahoo users who live in countries where their freedom of expression and freedom of association is not respected and where the government is trying to put malware on their computers to track them.
I generally use 'threat intelligence' when I'm talking about a product packaged and sold by a dedicated commercial entity and 'information sharing' as something that happens between security teams at trusted parties without renumeration.
Yahoo is a global technology company that provides personalized products and services, including search, advertising, content, and communications in more than 45 languages in 60 countries. As a pioneer of the World Wide Web, we enjoy some of the longest-lasting customer relationships on the Web.
Too many companies are reluctant to share technical information about threats with each other, and most open platforms and tools don't see widespread adoption. As a result, lots of us are reinventing the wheel and solving the same problems without realizing that our neighbors have already built great solutions.