Call me a little slow, but I just started picking up on this whole new world of ad-supported software applications. The amazing thing to me is that despite the lack of licensing and maintenance revenue, there's some pretty cool ad-supported software out there that actually works quite well. But are you OK with banner ad's flashing across one of your enterprise apps in exchange for a purchase price of $0?

PAC, as in personal access control. Getting unauthorized access to a company's assets is often child's play, and security pros know that. Guys like Steve Stasiukonis, CEO of Secure Network, and Ira Winkler, CEO of ISAG, can regale you with stories of literally walking into supposedly high-security buildings like they walk into the grocery store. The underlying flaw is often people. These two gentlemen look like nice guys, and they are. But if Steve and Ira were morally challenged, they could the steal the shirt off your back.

As part of our on-going coverage on network access control, InformationWeek's NAC Immersion Center was recently updated with new content from recent Las Vegas Interop keynotes and presentations.

The blogosphere has reported recently that Jason Crawford of Lockheed Martin's Wireless Security Lab has managed to crack a WPA-encrypted network with a bunch of Sony PlayStations. Hopefully he didn't break them in the process. So what's the purpose? Read on.

My recent article on BSM generated more e-mail than just about any other story this year. What was most interesting were the different (and diametrically opposed) perspectives that I saw.

Word on the street is that a company called Touch360, a self-described company of "explorers, innovators, creatives, and researchers with a yen for adventure," has apparently developed a wireless USB thumb drive. Data thieves everywhere, rejoice, because soon your victims will just walk to within range of your laptop and you'll be able to suck all the data off their thumb drive.

802.1X is a relatively simple protocol once you understand how it works. It's all the moving parts like EAP, EAP Types, RADIUS, and RADIUS attributes, that get complicated. Sorting out how it all works and the shortcomings of 802.1X is well worth your time if you want to implement network access control.

Tenable Network Security is changing the licensing model for Nessus. The new licenses go into effect July 31. They replace the free Registered Feed option where users could update plug-ins after a seven-day period with a free Home Feed that offers updates with no delay and the current Direct Feed, which will be replaced with the Professional Feed.

Jeff Vance of Network World put out a great piece a few months back on how a data leak prevention tool running at George Washington University Hospital averted what could have been a major security risk to Vice President Dick Cheney. But while this technology clearly has a tremendous security upside, will pervasive use of this technology lead us down a China-like censorship path?

If you're responsible for the security of your network and its data, you might want to shift your focus away from looking at your network from the outside in, and look at it from the inside out.

From a threat perspective, insider attacks can be thought of like an al-Qaida element operating within your walls. You might not see the threat or an actual attack on a daily basis, but you know the threat exists and you must plan for it. Similarly, attacks from the outside can be thought of as a Hamas-like element that exists outside your corporate boundary. Hamas-like attacks are more predictable and identifiable in nature, and as a result are easier to plan for. While both threats are serious, it's the attack from within that always comes as a surprise.

Interop 2008 -- less circus, more substance. The major themes revolved around data centers. Switching and virtualization were top of mind with announcements from Cisco, Extreme, and various software vendors supporting virtualization. Some interesting demos and road-mapped items were discussed as well.

If you're like me, then you have a drawer full of USB thumb drives that you've collected from vendors over the years. Whenever I'm in a rush, I pop one out, copy some data to it, and transport it to its destination. Then what do I do? I usually leave it around like I do pens, sticky notes, and CD-ROM's. And while I encourage you to steal my sticky notes, I care a lot about protecting my thumb drives from theft. If you're not taking seriously the threat that removable devices pose to your network, now's the time to pay attention.