CA

by

The Good, Bad, and Ugly of Technology Acquisitions

It is the foundation for the free market system and capitalism and it is every entrepreneurs dream; build a great technology, execute and achieve excellence in GTM, deliver fantastic value to customers and take great pride in watching your passion grow – fast.

Then it happens; the exit, the liquidation event, the ‘golden ticket’ and in a blip of your time on this tiny little rock your life changes.

Last year, after spending almost four years as the CTO of BigFix, we were acquired by IT industry behemoth IBM (IBM to acquire BigFix) for what was the largest acquisition of a private software company in 2010 (second was CA’s acquisition of Nimsoft at around $380m) and my life changed…

Continue reading

by

Client Hosted Virtual Desktops Part 1; Own the OS

We all know that IT security and operations is becoming a more challenging and untenable problem day by day – see “Top 10 Reasons Your Security Program Sucks and Why You Can’t Do Anything About it” – The reality is that we continue to build on top of inherently insecure and fundamentally weak foundations, such as the operating systems and routing infrastructures that power much of the global economy.

We need an alternative to the current computing paradigms that all organizations struggle with.

Continue reading

by

Browser Security Fail, MD5 broken, CA gone rogue

md5_team_small

A group of security researchers (Alex Sotriov, Jacob Appelbaum, Mark Stevens, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne De Weger) have identified a vulnerability in the public key infrastructure used to issue digital certificates for secure websites. As a proof of concept they have shown they can perform an attack scenario that creates a rogue Certificate Authority (CA) that is trusted by all common browsers. This allows one to impersonate any website on the Internet, including banking and other transaction based sites secured with HTTPS protocol (SSL) (here) with details (here) Continue reading