Tag: security
-
AI and the truth
We are possibly at one of the greatest inflection points in human history. Strong words, but hear me out … In recent years, it’s become trendy to push one’s own truth in the absence of fact. This trend is known as wokeism, and has been and is being pushed in many social areas such as…
-
Google Chrome and privacy – opposing forces?
Audio transcription The Google Chrome browser was first released in Sep 2008 as an alternative to rival browsers, to “address perceived shortcomings in those browsers and to support complex web applications”. Google also wanted a browser that could better integrate with its own web services and technologies. That last statement speaks to the heart of…
-
Plex Discover: a lesson in privacy
Audio Transcript It’s a common refrain: my data isn’t important so I don’t need to protect it, I’m unimportant so my information doesn’t matter … There’s recently been some horror stories of overly ‘ambitious’ policing of internet-related activities. Like the father who sent pictures of his son with a developing issue to their doctor for…
-
PKI, processes and security
Audio transcript PKI, or Public Key Infrastructure, is the general term used for establishing and managing public key encryption, one of the most common forms of internet encryption. It is baked into every web browser (and many other applications) in use today to secure traffic across the public internet, but organizations can also deploy it…
-
Authenticator App Security
One would think that your authenticator app would be a secure app? Right? But what happens when your authenticator app tracks your usage and records your behaviours? Well it seems that this is a fairly common practice amongst even the most popular of apps. Naomi Brockwell recently did a YT video discussing the results of…
-
SSL/TLS Certificate lifetime redux
I wrote an article in 2020 about SSL/TLS Certificate lifetimes, the upshot of which was that the certificate/browser industry had just moved to 1yr (398 days to be precise) certificate expiries. I noted the following: There have been a number of attempts over the years to reduce the lifetime of certificates as they apply to…
-
KeePassXC – a review
Password managers have seen a new focus (both good and bad) over the last couple of years especially in mainstream news and media. With security folk like Rachel Tobac and Shannon Morse pushing the security mantra (in a relatable way), a lot more people are seeing the light so-to-say and coming around to the fact…
-
IT Security for the Small Business
Structured IT Security is generally seen as the domain of the medium to large enterprise as it can be an expensive exercise to implement properly, and requires hard-to-find skills. However, there are a lot of areas a small business can tackle to improve their security status considerably without breaking the bank. I’ll simplify this process…
-
GPC / Global Privacy Control
Do Not Track It’s quite amazing to think that DNT or Do Not Track was first proposed back in 2009 – 13 years ago. This was a first-stab method at the issue of website privacy and the horrendous marketing machine that is the internet. DNT was designed to allow users to opt-out of website tracking,…
-
The little camera that could
IT and Network Security is a tough arena. Keeping networks, systems and data secure from what can only be called a total onslaught of malware and other malicious attacks, is a difficult task. What makes the task even more difficult is the general indifference of (especially) SMEs to the potential harm that can be caused…
-
Storm in a WhatsApp teacup?
Facebook’s recent update of the Terms of Service for Whatsapp has got a lot of people riled up. And quite rightly so. The core of this issue is not privacy of information as many believe, but rather pure business economics – let’s cover the basics first. There are 2 primary considerations for using cloud services…
-
Browser Security
Browser technology and security events always make for interesting reading especially due to the fact that we do the majority of our online work these days through browsers, be it general web surfing, accessing enterprise apps or managing systems and devices. Browser features and security are therefore critical – this shouldn’t even need to be…
-
RDP – the gift that keeps on giving
It’s long been known (at least in security circles) that the RDP protocol, as well as client and server implementations, are horribly broken. While a BlueKeep (the most recent RDP vulnerability) worm has yet to surface, brute-force password attacks on RDP services are a dime a dozen and occurring at a rapid rate. PoC code…
-
The great web developer con
Another day, another dodgy web developer story. The premise: We would like to offer you a website design for X amount. But to do so, we need to transfer your domain to us. This tale is a pretty old one but it appears to be flourishing – the lure of a good once-off price for…
-
DMARC: optimising email delivery
Email is a fickle thing … There are a huge amount of dependencies involved in what seems like a small task – sending an email. What started out as a simple method of exchanging messages has morphed over the years into a cobbled-together monster as needs changed and especially businesses required a more robust and…
