Category Archives: Infosec

A note about this ‘cyber’ thing…

I know quite a few people – hackers mostly – who get quite snarky and condescending over what they see as the media’s overuse of the ‘cyber’ prefix. In fact, I’ve just had an email exchange with a friend on this very topic. The media, the thinking goes, always get their panties in a bunch whenever anything ‘cyber’ is involved,… Read more »

Clueless about the Internet

UK Prime Minister David Cameron is in the US trying to get President Barack Obama to help him stop people being beastly on the Internet. And he’s also using the opportunity to prove to the world, once and for all, that he hasn’t even the faintest idea how the Internet works. Cameron wants to ban messaging apps that use end-to-end… Read more »

Contrarisk Security Podcast #0030: Identity and privacy

» Listen or download now on the podcasts page » With the Internet now playing such an intrinsic part of our lives, identity management (IM) has entered a new world. As Daniel Raskin, VP of marketing at ForgeRock, explains in this interview, what was once a simple matter of allowing employees to authenticate themselves on a local network has moved out… Read more »

Contrarisk Security Podcast #0027: Masking sensitive data

» Listen or download now on the podcast page » There’s lots of talk about putting security close to the data. One way of doing this is data masking, which obscures or modifies data as it is used according to a set of rules. In this interview, Amit Walia of Informatica explains how data masking means that people see only the data… Read more »

Caller ID withheld? Don’t make me laugh…

Last month I discovered I’d lost my EHIC – European Health Insurance Card – whilst travelling through Manchester airport. I don’t know what happened – I think it was left behind whilst I was replacing my belt, shoes, jacket, wallet, mobile phone and other pretty pathetic stuff the public have to endure in the name of security whilst traversing the… Read more »

Android security: surviving the toxic hellstew

With an 87% global market share, it’s no wonder that Android devices are attracting malware authors like circling vultures – much to Apple’s delight. There’s a kind of hackers’ arms race going on as they compete to plant nastier and nastier bugs on Android phones. The latest arrival is ransomware, which infects and encrypts your files then (sometimes) releases your… Read more »

Contrarisk Security Podcast #0025: software vulnerabilities and change management

» Listen or download now on the podcast page » Software vulnerabilities: Software flaws are at the root of many security exploits, and year after year we see the same old issues topping the OWASP top-ten, such as SQL injection and cross-site scripting (XSS). Are these really such hard problems to tackle? Or is the message just not getting through to… Read more »

Windows XP – not quite end-of-life just yet…

After attending no less than three shows and conferences in the last 10 days, I’ve been enjoying the luxury of a few days working in the office catching up with my emails, one of which was a missive from Microsoft with a copy of the software giant’s bi-annual Security Intelligence Report. Amongst many statistics of interest, Redmond Inc. reveals that… Read more »