Unscrewing Security

  • Nominet: a website, by any other name, would be more secure?

    So Nominet - the people who own, manage and monetise the top-level .uk DNS domain - propose to allow creation of domain names directly under the UK suffix (PDF). Thus instead of inflatable-widgets.co.uk you could instead own inflatable-widgets.uk...

  • If it turns out that LinkedIn passwords have leaked...

    Rumours are circulating on the net that a database of hashes of LinkedIn passwords has been published on a Russian hacker site. I cannot confirm this but if the article referred to above is correct then there is a risk to LinkedIn users;...

  • Chinese Cyberwarriors in your Chips?

    The security interwebs this morning are alive with reference to Sergei Skorobogatov's webpage at Cambridge, the key quote from which is: We developed breakthrough silicon chip scanning technology to investigate these claims. We chose an American...

  • Ask Alec: Security for Freelance Developers and SMEs

    So in my mailbox a few weeks ago there arrived the following: Hi Alec I was wondering whether you'd mind doing me a small favour. It'd be great if you could punt out a quick top 5 / top 10 tips for sensible data security practices for freelance...

  • Cybersecurity: Demand An Evidence-Based Approach

    In the days before the SOPA blackout a popular meme infected the interwebs: Dear Congress: It's No Longer OK To Not Know How The Internet Works Directed at the US Government this article and its related discussion decried the creation of new...

  • Still Scrambling For Safety

    Dateline: the late 1990s; in the USA and UK there is fear and debate over development of new technology which renders moot the "existing capability" of Government agencies to intercept internet communication - thereby risking intelligence (even...

  • Surveillance? The Liberal Democrats aren't supporting it...

    It's been a good few months for surveillance, its practitioners and its supply industry - barnstorming industry conferences, massive media coverage of technology and puff pieces on government projects stateside ... oh, wait, is this meant to be...

  • Learning about Cybersecurity from an Unnatural World

    I was listening to the rerun of File On 4[1] this evening, and a chap from the FBI said something very sensible about Cybersecurity. Albeit the programme itself was nothing to do with cybersecurity and its tone was mildly hysterical in...

  • Digital Darwinism: Perspectives for Industry and Government

    A few days ago I spoke on a panel at PICTFOR - the Parliamentary ICT Forum - some writeups of which have been posted elsewhere; but a few days prior in preparation myself and some friends had the opportunity to speak with PICTFOR Vice-Chair Eric...

  • Merry Christmas - it's another Twitter XSS bug!

    Update: fixed now, less than 8 hours later. Isn't technology marvellous ? Recently Twitter bought TweetDeck, a provider of custom twitter-browsing clients which were popular amongst many Twitterati for dealing with bulk tweet-management. Twitter...

  • #LondonCyber: our very own Star Trek conference

    So the FCO's London Conference on Cyberspace is here - and on Twitter - and you cannot have missed yesterday's press trailers: BBC Cyber attacks on the UK are at "disturbing" levels, according to the director of Britain's biggest intelligence...

  • Username: Google ; Password: 2bon2btitq

    Google are (in partnership with Citizens Advice Bureau) running a campaign about how to stay safe online, and to this end adverts are appearing in London tube trains explaining how to create longer, more memorable passwords, using an example from...

  • Amazon, Google, the Platform and Security

    A few days ago Steve Yegge posted a rant to his Google+ account with the intention that it would stay Google-internal. Oops. You can read the rant - now replicated all over the net, for instance YCombinator or mirrored back at Google - with...

  • Riot

    This evening at a barnstormingly good Reading Geek Night I was chatting with a somewhat older "ICT" chap and told him that I do security. We spoke of privacy, we spoke of secrecy, and the subsequent conversation went somewhat like this: Him:...

  • Security Events To Watch: 44Con London Security Conference

    I've long thought that the UK needed a real security conference; for years we've had the booth-bunny fest that is Infosec where you get to see anti-virus pitchmen working the crowd like the guy at my saturday market vegetable stall; or there are...

Latest UK