Category Archives: Infosec

Have we created a monster?

Recent reports that one part of the Russian security service has been driven to return to typewriters through fear of data leaks is a comic case of the world coming full circle for IT industry watchers of a certain age. Back in the day when the IBM PC was first launched and we all started on the path to consumerisation,…

The race for 4G heats up – thanks to the liberalisation of the wavebands

I managed to get my hands on one of the latest LTE (4G) portable modems from EE – the new name for the Orange and T-Mobile combination cellcos – and have been putting the Huawei 5776 unit through its paces. In an idle moment at the weekend I downloaded the technical specifications of the unit and nearly dropped my coffee,…

ContraRisk Security Podcast 0016: DDoS and trust on the Internet

People bank and shop online, but do they really trust the companies with which they are doing business? Research by Integralis suggests that they don’t. It found that around a quarter of people don’t trust any organisation to secure their personal information. Given that trust is an integral part of security…

Can’t get no satisfaction?

Following last weekend’s Glastonbury Festival, many baby-boomer security professionals will be back at their desks buoyed by the performance of the Rolling Stones. The ageing rockers’ ability to win over a much younger audience with 70s classics like ‘Can’t Get No Satisfaction’ has in fact provided a lot of satisfaction to their peers that the older generation still have something…

ContraRisk Security Podcast 0015: Prism and the cost of surveillance

In all the debate raging around the NSA’s phone and Internet interception programme, PRISM, little seems to have been said about how it works – and particularly, how well it works. If you’re a conspiracy theorist or natural paranoid, it’s easy to imagine that PRISM flawlessly and effortlessly plucks suspicious messages from…

ContraRisk Security Podcast 0014: The continuous security model

In many organisations, security is in a bit of a mess. Solutions have been layered on to counter a variety of threats against a variety of assets. But the result is a configuration management and upgrade nightmare. In spite of vendors’ claims, there’s no silver bullet to security, and maybe you need…

ContraRisk Security Podcast 0013: Proactive security and the benefits of a strong identity

According to a survey by Bit9, administrators are less confident than ever about their ability to secure their servers. Why is this? Michael Bilancieri, director of project management at Bit9, talks to us about the disappearance of the traditional perimeter and how this is making administrators nervous. There is a greater…

PRISM and Obama’s lie

In the maelstrom of accusations, opinions and spin whirling around the PRISM revelations, there’s one statement that stands out as particularly chilling. US President Barack Obama said: You can’t have 100% security and also have 100% privacy and zero inconvenience. We’re going to have to make some choices as a government. Implicit in that statement is a breathtaking lie. You…

So where will we be with security in the Year 2020?

I was fortunate enough to be asked to make a presentation last week on where I think IT security will be at the end of the decade – and, whilst I was tempted to make my own predictions, I realised it was far better to let the captains of industry I have interviewed/observed in recent months make their own predictions….

Google Glass: a security disaster waiting to happen?

So, it seems we have the first vulnerability for Google Glass, even before the product from your favourite Internet stalker hits the stores. Consultant Jay ‘saurik’ Freeman has described how he used a known exploit for Android Ice Cream Sandwich (4.0) to get root on Glass. This isn’t going to endear the platform to people who are already worried about…