The authors of posts in this blog come from the Information Risk Management at PayPal. As a group we are interested in discussing what we see happening in the world of IT security as it relates to PayPal. So topics you might expect to see covered include trends that we are seeing in our security practice, architectural issues of various types, comments on the safety or effectiveness of protocols, operating systems or browsers.
This is not a marketing venue (as you will no doubt discover from the degree of polish on the posts) and in fact it s not an official PayPal blog at all.
We welcome dialog with other security professionals about the issues raised here - polite disagreement and debate is welcome.
Informed questions are welcome and we will answer what we can within the bounds of good security practise, but if you have a complaint about PayPal, please raise it through one of the many formal channels that exist (or feel free to express your opinion on any of the Internet sites dedicated to that purpose).
Owing to the obvious challenge of keeping the signal to noise ratio high, comments will be moderated.
The opinions expressed are those of the individual authors.