Comments for Ed Bellis - ClearText

Comment on BlackHat Without The Drama by Talking InfoSec with the Experienced – RSA Edition — HoneyApps - The Blog

Mon, 03 Jan 2011 23:09:53 +0000

[...] attacks, cloud security and compliance among other things with David Mortman who had one of the most under appreciated talks at BlackHat I have ever had the pleasure to hear along with Richard Bejtlich who I spoke with on a [...]

Comment on Crowdsourcing Payment Security by David Marsh

David Marsh — Tue, 17 Aug 2010 20:12:24 +0000

Hi Ed!

I just read your section in Beautiful Security, and I was amazed at how clearly you saw some of the challenges and potential solutions in the payment security space.

I wish I would have read this a year ago, before I started working on the TransArmor project I am on. It would have spurred some interesting thoughts and helped frame some of the discussions that I had to learn hard lessons in.

TransArmor is a tokenization solution – we are (as you suggested) removing those crown jewel PANs out of the merchant environments so that the temptation and opportunity for breach no longer exists for would-be attackers.

I will also take a look at the wiki and see if I can add anything useful.

I would really like to hear some of your thoughts on the current proposed solutions – end-to-end encryption and tokenization.

Kind Regards,

David Marsh

Comment on The Vulnerability Arms Race by Tweets that mention The Vulnerability Arms Race « Ed Bellis – ClearText -- Topsy.com

Tue, 11 May 2010 20:09:28 +0000

[...] This post was mentioned on Twitter by Dan Cornell and Ed Bellis, Lucas Zaichkowsky. Lucas Zaichkowsky said: RT @ebellis: New Blog Post: The Vulnerability Arms Race – on CSOonline http://bit.ly/brXtg1 and backup here: http://bit.ly/d6JnhU [...]

Comment on 5 Things You Might Not Know About Ed Bellis by Laz

Laz — Wed, 10 Feb 2010 15:38:57 +0000

Ed, when are you going to swim the Chicago River?

Comment on 5 Things You Might Not Know About Ed Bellis by cleartext

cleartext — Sun, 15 Nov 2009 04:12:30 +0000

@andres thanks for the very kind words regarding the book. The chapter has actually been turned into a wiki on the O’Reilly commons site. I’d love it if you would look it over and perhaps edit and create additional content that you think would make this model apply to card present transactions as well.

you can find the wiki here: http://commons.oreilly.com/wiki/index.php/Beautiful_Trade:_Rethinking_Ecommerce_Security

Comment on 5 Things You Might Not Know About Ed Bellis by jack crouch

jack crouch — Fri, 13 Nov 2009 13:23:56 +0000

eddie….
i finished my research on blackie, it turned out 26 pages which includes his career at u of ala…….i sent him one at tampa and i also spoke with him on phone asking if he minded me offering you a copy……i will keep the original but if you want the other copy just let me know what address to send…….i received your previous email with tampa phone………that was blackies first question, ” how did you find me ?………………..jack 352-787-2436

Comment on 5 Things You Might Not Know About Ed Bellis by Andres Velandia

Andres Velandia — Tue, 10 Nov 2009 21:00:42 +0000

Hello: since I could not find any e-mail address to write to you, I have chosen this box to do so. I have been reading the book “Beautiful Security”, and have just finished chapter 5. I have found “beautiful” the proposed model; in fact, it made me think: how come nobody ever thought of this before?
Anyway, my only observation is that you have deemed your model as suitable only for card-not-present transactions. After thinking about it a little longer, the model fits perfectly card-present transactions, because the parties involved are just the same. From what I have read, I think consumers should use their credit cards (even debit cards) only with merchants that comply with all requirements proposed by you.
All in all, congratulations for your fresh interesting ideas about security.

Comment on 5 Things You Might Not Know About Ed Bellis by jack crouch

jack crouch — Sun, 01 Nov 2009 20:41:13 +0000

made friendship three years ago with edward thayer ”blackie” bellis about 85 yrs old, former baseball pitcher at U of Ala ’46,’47 residing in The Villages, FL. also played pro minor league baseball in Lynn MA ’47. i recently received copies from Lynn newspaper during baseball season of ’47 naming ed bellis several times as player on that team…had lunch with blackie about once a month up entill two mo ago….his answer maching on phone does not return my calls…would like to found out his current wherebouts…….auburn jack

Comment on 5 Things You Might Not Know About Ed Bellis by Sarah

Sarah — Wed, 09 Sep 2009 20:18:42 +0000

Too bad. *Rolling eyes even more*

Comment on OpenID SSO Everywhere! by OpenID Publishes Security Best Practices « Ed Bellis – ClearText

OpenID Publishes Security Best Practices « Ed Bellis – ClearText — Wed, 17 Jun 2009 20:11:03 +0000

[...] to my friend for getting a bit side-tracked off of his original question, but having written about OpenID about a year and a half ago, I felt the need to go through this and find out if any of the original concerns I had expressed [...]