
Norse – and a lesson for all of us

Posted by Kevin on January 30, 2016

Hearing that Norse is apparently on the verge of imploding (see Krebs) reminded me of a conversation I had with Ilia Kolochenko, founder and CEO of High-Tech Bridge, last year. The gist of that conversation – paraphrased, not in his own words – is that security has become a safe haven for money men. The […]

Tyupkin gang arrested by Europol

Posted by Kevin on January 7, 2016

Europol has disrupted an East European gang using the Tyupkin trojan to steal from bank ATMs. Eight people have been arrested following house raids in Romania and Moldova. Few details have been provided in the Europol announcement beyond ‘substantial losses across Europe to the ATM industry.’ Tyupkin is described here by Kaspersky. The report is […]

The European Parliament Demands Protection for Snowden

Posted by Kevin on October 29, 2015

The European Parliament, that is, the only elected and democratic part of the European Union, has passed a new resolution: Calls on EU Member States to drop criminal charges, if any, against Edward Snowden and grant him protection and consequently prevent extradition or rendition by third parties, in recognition of his status as whistle blower […]

TalkTalk’s Failure over Incident Response

Posted by Kevin on October 29, 2015

TalkTalk’s incident response has been an unmitigated disaster. Let’s look at some of the facts… CEO Dido Harding told the Sunday Times (after earlier admitting that she did not know if the stolen data had been encrypted), “[Our data] wasn’t encrypted, nor are you legally required to encrypt it.” That is incredibly crass. It implies […]

Get ready for some serious DoubleSpeak

Posted by Kevin on October 28, 2015

Two mutually exclusive principles continue their collision course: the European demand for privacy and the US demand for access to personal data. On Monday this week the European Justice Commissioner Vera Jourova was talking about the need to replace Safe Harbor with something mutually and legally acceptable. Following talks between Washington and Brussels she said, […]

ECJ Says Safe Harbor Is Not So Safe

Posted by Tara Taubman-Bassirian on October 8, 2015

‘A milestone’ or a ‘historical’ decision cry the media around the world. It is like a deluge of comments and articles. The Open Rights Group speaks of a ‘Landmark victory for Privacy rights’. Like a bombshell, following the Advocate General Opinion, the ECJ decision this Tuesday 6 October 2015 held the Safe Harbor decision 2000 invalid. […]

Who are you – scammer or victim?

Posted by Kevin on September 22, 2015

I believe that paranoia should be part of everybody’s security armoury. It is free. It scales up and down automatically in reaction to different circumstances. And while it should never be relied upon, and can be susceptible to more false positives than many other systems, I still recommend it. Take this: false positive or paranoia […]

Have Lynch and Europol just set in motion a solution to the Microsoft problem?

Posted by Kevin on September 16, 2015

It’s a conundrum. Microsoft is caught between two masters: Europe, where it is desperately seeking to increase marketshare against the dominant Google; and the US, its homeland overlord that it must, and indeed would like to, honor and obey. This conundrum is illustrated by Microsoft’s refusal to simply hand over a European customer’s emails from […]

Section 94 – the UK Section 215

Posted by Kevin on August 15, 2015

Julian Huppert, lecturer at Cambridge and formerly a Lib Dem MP, has written about a disturbing piece of legislation that most of us don’t know exists: Section 94 of The Telecommunications Act 1984. It is somewhat secretive — so secretive that even he, when an elected representative of the people, could not discover how often […]

The agony of indecision – Windows 10

Posted by Kevin on August 12, 2015

It’s just sitting there. Mostly it’s being quiet – but every now and again it pops up: ‘Here I am. What are you going to do about me.’ Well I don’t know. Do I install Windows 10 and obey the business logic; or do I ignore it and obey the privacy logic? The Business Logic […]