Blog

Reading the observations, and recommendations of Dame Pauline Neville-Jones with respect of Internet Security, I must admit to having a flow of Déjà vu sweep over me. This driven by statements of a Government Minister who said “we need to speed up work on cyber security because t ...

  Recently HTC acknowledged a vulnerability that can expose a user’s WiFi credentials, including the WiFi SSID and security passwords to a malicious app running on some of its Android phones. The vulnerability was discovered by the security architects Chris Hessing and Bret Jordan, and i ...

First, please excuse me for letting my inner Archie Bunker vent a little. If you are anything like me, then you could care less about updating your Facebook page on an hourly basis. Sure, I have a page, but maintaining it is both a bore and a chore (pardon my weak rhyming scheme). What are even wors ...

I am honoured to have been invited back to present at the prestigious e-Crime Congress to be held in London, March this year. However it caused a flash-back to the last occasion I presented at Congress in 2009, when things seemed to be very different. It was around that time when myself, and a smal ...

Anniversaries are often a time to reflect on the past but also to look to the future. A major anniversary in the field of computer security was reached on the 15th of January this year. That date marked the 10th anniversary of Bill Gates' famous memo marking the start of Microsoft's Trustworthy Comp ...

You can't make an omelette without breaking a few eggs, or in this case grating a few nerves. However, the 'King has no Clothes' approach has never really worked for me, or for that matter, as an instrument to cloak, what would seem to be a sprinkling of lacklustre strategies for defending against t ...

Kevin Townsend asked me for my opinion on iGadget jailbreaking, in the light of the recent release of Absinthe, a jailbreaking tool for the iPhone 4s and iPad 2. As a result, I’m quoted in a useful article for Infosecurity magazine here that also includes quotes from luminaries such as David E ...

We have come to expect the Internet to be leveraged by Hacktivists to carry their political, or commercial bashing message forward to the masses. We realise that the opportunities presented by the global media channel of the Internet can be utilised to gain access to a reading public made up of bill ...

  Message to ‘Wikipedia’, ‘Google’, and ‘Craigslist’: We can all protest, but is it acceptable and professional to impact the public?  

2012 was looking quite quiet in Apple security terms up to now, but I see that the guys behind the OSX/Flashback Trojan are quietly beavering away. No sooner had  Apple updated XProtect, a system utility that provides a certain amount of protection against a selection of OS X-targeting malware, ...

It was back in 1999 I worked for General Motors (GM), when the topic of internet enabled automobiles entered my professional vocabulary. Around that era, GM were researching the future scene of the motor-car, leveraging a technology called OnStar. At that time, being one of only a few security ...

Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, ...

I thought this piece by Jo Maitland over at SearchCloudComputing.com was interesting, because it so closely reflects the experiences of a large number of businesses faced with the specter of uncontrolled cloud usage. Indeed, the story is an old, familiar one: Girl meets cloud. Girl ...

After mentioning briefly about the recently discovered Wi-Fi Protected Setup (WPS) vulnerability due to certain design flaws in various routers of major Wi-Fi Vendors, the present blog tries to capture the potential implications of the WPS vulnerability. Unauthorized Access to Wi-Fi network: With t ...

You may have noticed that when it comes to security, 2011 was not one of the best years, with events occurring, ranging from Sony, through to HBGary, and RSA. However, the concern, and focus here is on the two events which impacted organisations that trade in security, as forgive me if I am being pr ...

Adding to the users convenience, Wi-Fi is increasingly becoming a default capability of many consumer devices, including smartphones, printers, cameras, TVs, etc. to wirelessly share contents, access Internet or connect to a particular network.   However, configuring the correct Wi-Fi settings ...

It is every professional organisations desire to keep their valuable IPR safe, secure, and beyond the reach of compromise. To achieve this, many invest in some form of DLP application to assure security is accommodated. However, it is here where the creeping disease of over dependency on application ...

I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handl ...

As we roll up to the end of the year it's usually time to start making predictions about what will happen next year. But since Drew and the team already did a great job of that I'll instead take a step back and take a look at the shape of the forest, rather than discuss individual trees (import ...

Well, here we are at Christmas Blog number four, and in this run-up to the most magical time of the year, we have considered Security Awareness, Santa, and NORAD – a very interesting mix. However, let’s move on to the really interesting bit – the giving, and RECEIVING of presents. ...