If you wondered what that image in my last post was, I should tell you that is a piece of disappointment. Basically, in PKI you trust a certificate authority (CA) to help you verify the trustworthiness of others. If this CA does not do a good job, then you may have ended up trusting identities you did not have a reason to. If you trust someone once and they disappoint you, it is their fault. But if you trust that party twice, then it is your fault.

However, sometimes it has nothing to do with CAs and it has more to do with the fact that hackers, crackers, and researchers are quickly catching up with cryptography technology. (i.e. MD5 considered harmful today) One of my friends believed that none of the hackers or crackers have access to enough of equipment to perform these kinds of attacks on cryptography algorithms. These guys used 200 Sony Playstations, and they ended up breaking MD5, huh? Tell me what they can do with 250,000 computers? Well, John Schiefer went to jail for owning that many zombies...

Watch out for a new scam where sites or e-mailers claim they can help you qualify for stimulus money for small amounts of money (think $1.99). The idea, of course, is that Obama's stimulus package is handing out money and you could qualify for some of it. Websites are using this as a means of getting your credit card information and using it for fraud. Some are sneakier, just by clicking on links you can have spyware or malware downloaded on your computer. I guess the problem is becoming serious enough that the FTC (Federal Trade Commission) has to get involved. See their site for more details.

It makes sense: in tough economic conditions people are desperate for ways to get their hands on money, and others (also desperate for money) will take advantage of the situation. One good way to cut down on fraud like this is simply spread the word. It always amazes me how fast word spreads on a subject we really need not care about (Jen meets with Brad and Angelina...), but the important ones often go under the radar.

Identity – do I own my identity or does my identity own me? To be clear about the concept of identity, let’s define it as a set of features which are supposed to distinguish me from any other person. In a more simple language I would say my identity is the comprehensive answer to the question of “Who am I?” If I wanted to give an answer which I am able to prove , after a few moments of silence, I would go with: “I am who I am!” I could have started introducing myself with all those commonly known identity basics. But then the problem would be that I could not prove any of it!

Or if I could provide my proof for owning any of those features, I call them building blocks of my identity, it would be just context sensitive and nothing close to an absolute provable fact. I wish I were not identified with the identity elements which my surrounding societies attach to me. I would call my assumed identity a pseudo-identity! I do not own the elements of my pseudo-identity and I am not able to control them. And I can see that sooner or later, this pseudo-identity will take over who I am! I am not who I am, I am the truth in the silent moments before answering the question “Who am I?”

My Dad spent over forty years in the Royal Canadian Mounted Police. Over the course of his career, he was stationed through F-Division (RCMP-speak for 'Saskatchewan'). Being RCMP brats, my little sister and I were lucky enough to live in some very interesting places.

One of the more interesting places we lived was a vibrant little town called Carlyle. I was seven years old when we moved there and the whole town quickly became my playground. Perhaps the most interesting aspect of Carlyle was its proximity to other little towns, like Arcola, Kisbey and Forget. One of my parents' good friends lived in Forget, so we used to spend quite a bit of time in that beautiful little place with its fascinating history.

Author's Note: Dan and Shane wrote some pretty wonderful articles yesterday, so I am feeling pretty nervous about this one.

NetSecure Technologies' security guru, Nima Sharifimehr and I were having a conversation about this blog and some articles we hope to write together. After a particularly enlightening conversation on fields like privacy, social media, information security, and sidejacking methods, I asked him for a list of things that he would teach every internet user in the world about security.