twitter facebook rss

Security Certificate #FAIL: No FT, No Comment

Posted by David Harley on July 25, 2014

The Financial Times is running a Cyber Security Conference, but maybe it should be more scrupulous about its own website security practices.

What’s wrong with writing passwords down?

Posted by Kevin on July 21, 2014

A new research paper from Microsoft Research (Redmond) and Carleton University (Canada) takes a scientific look at the problem of maintaining multiple strong passwords. The issue is simple and well-known. Users now have so many online accounts that it is impossible to remember strong individual passwords for all of them. The result is that many […]

WiFi advice from a Spanish poolside bar

Posted by Robin Wood on July 21, 2014

I just got back from a holiday in Spain where I found the poolside bar had better WiFi security than a lot of companies I know. I’m thinking more of guest networks than main corporate ones here but this bar even out did some of those. Looking at why they were doing what they do, […]

Mozilla proposes changes to the Privacy Principles

Posted by Alexander Hanff on July 19, 2014

Today I received an email from Mozilla’s privacy list with proposed “Revisions to Privacy Principles” which I feel are a clear illustration that Mozilla is becoming a rogue player in the browser space and is now more interested in monetizing their users than protecting them. Allow me to address each of the proposed changes in […]

Cameron is destroying anything worth defending – the terrorists have already won

Posted by Kevin on July 10, 2014

Anybody who knows anything about how the intelligence services lead the British government by the nose will not be surprised: Britain said on Thursday it would rush through emergency legislation to force telecoms firms to retain customer data for a year, calling the move vital for national security following a decision by Europe’s top court. […]

Never tell an AV guy that he’s unnecessary

Posted by Kevin on July 8, 2014

If there is one thing I have learnt in years of security, it is this: never tell an AV guy that he is not necessary. But that is exactly what Adrian Ludwig, the lead engineer for Android security at Google, seems to have told the Sydney Morning Herald: The majority of Android smartphone and tablet […]

The US economy is far more fragile and endangered than you might think

Posted by Kevin on July 7, 2014

In the modern world, the new weapons of war are no longer just guns and munitions, but money and intel. Intelligence is like any other weapon of war – if you have more and of better quality than the enemy, you will win. That requires acquiring knowledge of the enemy while preventing the enemy from […]

Google, the right to be forgotten, and dogs’ breakfasts

Posted by Kevin on July 5, 2014

Google is making a complete dog’s breakfast over the European Court of Justice (ECJ) ruling that confirmed it is bound by European data protection laws. You may recall that in May the ECJ ruled that …the Court holds that the operator is, in certain circumstances, obliged to remove links to web pages that are published […]

A life-long commitment to privacy.

Posted by Alexander Hanff on June 30, 2014

For the past seven years I have been advocating for stronger privacy across the globe, both in my role at Privacy International, where I managed their digital privacy portfolio for three years, and as an independent expert. Much of the first five years were focused on lobbying for changes in global privacy laws to change […]

Support Scams and Developer Data Harvesting: is there a Connection?

Posted by David Harley on June 23, 2014

Richard Hay tells us that a cold-caller ostensibly from the DVLUP programme may actually be hoping to harvest some sensitive personal data. Is this human trojan horse from the same stable as tech support scams?