coffeewithayman

Random thoughts ranging from human behavior (neuroscience & psychology) to information security to coffee, gardening, and life reflections.

Today I'm late with my newsletter. My son is also late in working on his science project. He didn't get to finish the Super Bowl because of it and neither did I (I wanted to see the commercials). Although I'm upset about it, I have no one else to blame but myself.

One time I went to reset my password for my local bank account (a long time ago). When I received the password reset email, I was shocked. SHOCKED. Why?

My password was sent to me in plain text!

Now, there are several things wrong here, but can you point to what the most egregious one is?

If you think it was because the password was in plain text, well, although that's really bad, that's not all of it.

When your actual password is sent to you, that means your password is not stored securely at all. It's not hashed with an irreversible (one-way) algorithm; the password itself is in fact being stored in a database somewhere.

As a concerned security citizen I emailed the bank asking for the security person responsible.

Here's where it gets interesting... the security person in charge insisted that the security of this process was OK!

We went back and forth, but they did not budge.

I still have the emails. :)
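What the reset flow should look like instead, as an added example (not the bank's code or anything from the original post): the server keeps only a salted one-way hash, so it has nothing to email back, and a reset sends a short-lived, single-use token. The function names, the in-memory `user` dict, and the PBKDF2 iteration count are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor

def hash_password(password: str) -> dict:
    """Return a salted one-way hash; the password itself is never stored."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}

def verify_password(record: dict, password: str) -> bool:
    """Re-derive the hash from the candidate and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])

def start_reset(user: dict, ttl: int = 900, now: float = None) -> str:
    """Create a reset token. Only the token goes in the email, never a password."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    # Store only a hash of the token, so a database leak does not expose live tokens.
    user["reset"] = {"token_hash": hashlib.sha256(token.encode()).digest(),
                     "expires": now + ttl}
    return token

def finish_reset(user: dict, token: str, new_password: str, now: float = None) -> bool:
    """Accept the new password only for a matching, unexpired, unused token."""
    now = time.time() if now is None else now
    pending = user.get("reset")
    if pending is None:
        return False
    if now > pending["expires"]:
        del user["reset"]  # expired tokens are discarded
        return False
    candidate = hashlib.sha256(token.encode()).digest()
    if not hmac.compare_digest(candidate, pending["token_hash"]):
        return False
    del user["reset"]  # single use: consumed on success
    user["password"] = hash_password(new_password)
    return True

if __name__ == "__main__":
    # Constructed sample account, not real data.
    user = {"email": "user@example.test", "password": hash_password("old-pass-123")}
    token = start_reset(user)
    print("reset ok:", finish_reset(user, token, "new-pass-456"))
    print("old password still works:", verify_password(user["password"], "old-pass-123"))
```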

The human brain is the only animal brain that can predict the future. In fact, many of our decisions are based on historical context and not made in real time. Our brains and bodies cannot respond fast enough to make real-time calculations.

Our brains go through a prediction cycle of Predict -> Simulate -> Compare -> Resolve Errors, according to Dr. Lisa Feldman, author of How Emotions Are Made.

So the next time you are envisioning yourself in a new situation, but can't quite make it, go and see what others are doing. Your brain needs a catalog or index of data to build on. That's why watching Science Fiction and Fantasy is said to stimulate the creative mind.

Intrinsic Networks

In the book, How Emotions Are Made, the author mentions Intrinsic Networks (https://how-emotions-are-made.com/notes/Intrinsic_networks). In my recent neuroscience studies, I've learned about Brain Networks, including the Default Network. It seems to be the same thing so far.

What's fascinating is how these networks work... they are not an on/off kind of model but more of a fluid collection of tributaries, streams, rivers and lakes! Even the data being processed is phenomenal. The author mentions how one retina “transmits as much visual data as a fully loaded computer network connection in every waking moment.” Wow!

Zero-Trust

The topic of zero-trust came up again today, in a good way. What does it mean to teach people about Zero Trust? Well, it means doing away with the mindset “internal is safe”. It means giving fine-grained access to only the resources that are needed. It means strong authentication at every juncture.

A new vendor was mentioned to me (https://www.twingate.com/) so I'm going to take a look. I had a blog post (https://cloudsecuritylabs.io/blog/what-is-zero-trust/) with references, so I need to update that.
