security

You are currently browsing articles tagged security.

[Update 2.25pm: Comments on Twitter have persuaded me to emphasise that the question here is specifically about "personal safety" only, not lame and replaceable possessions, and my personal safety at that. As the second-last paragraph says, the risk profile might not be the same for everyone. These are the choices I've made with open eyes.]

“How do you think that tweeting your day plans affects your personal safety?” asked Ravneel Chand a short time ago. Overall, I reckon it actually increases my safety. Here’s why.

Background first. Here’s today’s “daily plan” tweet which, like those on pretty much every other day, is tweeted shortly before I settle down to work.

Thu plan: Bump out Waratah Cottage; 1032 train to Sydney; lunch (where?); errand Newtown/Enmore; write something; evening TBA.

Later in the morning I mentioned that I’d be catching a later train. And then, just as I left the house:

Mobile: Cab, shortly, to Wentworth Falls; 1132 train to Sydney Central; train to Town Hall station; 1335 walk to SEKRIT hotel and check in.

Clearly the fear being expressed is that by knowing my movements some bad person could more easily do me harm. But let’s do a proper risk assessment. You start one of those by enumerating the risks, and then you look at how this additional information might change those risks.

Read the rest of this entry »

Stilgherrian’s links for 08 November 2009 through 18 November 2009:

See what happens when you don’t curate your links for ten days, during which time there’s a conference which generates a bazillion things to link to? Sigh.

This is such a huge batch of links that I’ll start them over the fold. They’re not all about Media140 Sydney, trust me.

Read the rest of this entry »

Stilgherrian’s links for 23 April 2009, presented with perfectly-pointed toes:

Stilgherrian’s links for 11 March 2009 through 18 March 2009, posted after considerable delay in some cases:

Stilgherrian’s links for 20 January 2009 through 24 January 2009:

  • VPNOut: “VPNOut provides secure and anonymous VPN access that can break through firewalls.” And past censorship.
  • Apple’s 1987 Knowledge Navigator Video | YouTube: A remarkable “concept video” looking at how we might use computers and the Internet in “the future”, i.e. now.
  • EGovernment nets most callers: survey | PS News: A Department of Finance and Deregulation survey has found more Australians now contact the Government via the internet than they do by phone or in person.
  • Cursebird: What the f#@! is everyone swearing about?: Apparently on Twitter I swear “like a George Carlin Wannabe”. I’m ranked 355th in the world, putting me in the very top percentile. I wonder what the stats would look like for Australians only?
  • 7 Steps To Build A Startup From Scratch With No Money | YoungEntrepreneur.com Blog: What it says.
  • Dark Dungeons | Chick Publications: This book from a well-established evangelistic Christian publisher, points out the evils of role-playing game Dungeons & Dragons.
  • Obituary: Sir John Mortimer | guardian.co.uk: Geoffrey Robertson’s obituary of Sir John Mortimer, creator of fictional lawyer Rumpole of the Bailey and a decent lawyer in his own right. Apparently in his youth Mortimer “encountered with interest the bookshop-owning lesbians who had taken opium with Cocteau, and a prim, elderly lady who had, in her youth, urinated regularly upon pioneering sexologist Havelock Ellis.” Goodness me.
  • Schapelle Corby Tour: “My name is Eddie Hutauruk and I have been running tours in Bali for over 8 years. Schapelle Corby Tours is our latest venture, and is fully respectful of Schapelle and her situation… Schapelle Corby is a convicted Australian drug runner, and my tours allow people to see Schapelle in her cage at Kerobokan Prison in Bali. Tours can be arranged for most days of the week and pick-up is possible from most Bali hotels.” Very clever.
  • Folk Devils and Internet Safety | Daithí mac Sithigh’s blog on cyberlaw & media law: Another view on the report of the Internet Safety Technical Task Force which said, amongst other things, that the risks of bullying online are far more important that worrying about the rare instances of adults soliciting for sex.
  • A chat with Fake Stephen Conroy | ZDNet Australia: What is says. Rather amusing, I reckon. And no, I am not Fake Stephen Conroy. But I have my suspicions about who it really is…

Here’s why the Director of Public Prosecutions (for American readers, read: District Attorney’s office) dropped the charges against The Chaser crew for their APEC security-breach stunt.

Read the rest of this entry »

Image from The Chaser team arrest at APEC

News has just come through that charges against The Chaser team for their APEC security breach stunt have been dropped. Good, someone has a brain. Yes, they did enter the APEC security zone — but you, dear police and security forces, stood back and saluted as you waved them through the checkpoints.

28 April 2008 by Stilgherrian | No comments

I should also post a link to Bruce Schneier’s magnificent essay The Psychology of Security. A fantastic read. For similar material, check out his keynote speech at LinuxConf Australia last week.

11 February 2008 by Stilgherrian | No comments

When it comes to security, every desktop computer operating system is fundamentally flawed. Why? Because any software you run has the same permissions that you do. Anything you can do, they can do too — whether you want that or not.

Speaking at the AusCERT conference on Monday, Ivan Krstic, director of security architecture for the One Laptop per Child project, says the computing industry relies on “utterly obsolete concepts and assumptions” and has “massively failed when it comes to desktop security”.

The way modern desktop security works is by relying on the user to make informed and sensible choices on things they don’t understand.

The early personal firewall software was a classic example:

A dialogue would pop up and say ‘Hi, we’ve intercepted this packet with this TCP sequence number and these flags set, and SYN and FIN are both on, and here are the destination ports and the source ports and here is a hex dump of the packet. Allow or deny? What do you think?’. Who is that protecting? It’s protecting me, but I don’t need that kind of protection in the first place.

The Apple Blog was sarcastic when they reported Krstic’s speech — I suspect because arrogant OS X users think security issues don’t apply to them — so I posted a response

Read the rest of this entry »

My friend Richard will disagree, but if phone salesman Harraj Mann was singing along to The Clash’s London Calling then I think he deserves to be hauled off and questioned.

“Safety is paramount and we respond to concerns from members of the public in the way they would expect us to,” said a Durham Police spokeswoman. Too right.

« Older entries