infosec

Hundreds of millions of Samsung smartphones have a serious security vulnerability. The company has known about it since December, but hasn’t done anything about it. I spoke about this on ABC Radio’s The World Today on Thursday.

A software bug is making around 600 million Samsung mobile phones around the world vulnerable to attack. The bug in the phone’s keyboard software could allow hackers to read text messages and to view and take photos. It was found by a US computer security company which informed Samsung late last year.

If you want the technical details, read the Ars Technica story, New exploit turns Samsung Galaxy phones into remote bugging devices.

Here’s the three-and-a-half minute radio story. There’s also a transcript, and a written news story, Samsung phones vulnerable to cyber attacks because of software bug.

The audio is ©2015 Australian Broadcasting Corporation, and it’s being served here directly from the ABC website.

Since this report aired, Samsung has said that it will fix this vulnerability, but not all Samsung smartphone owners will receive the fix immediately.

My week of Monday 8 to Sunday 14 June 2015 has been another productive one, despite Monday allegedly being a holiday. Thank you, Your Majesty. I’m exhausted.

I also think I’m coming down with a cold, which is hardly surprising. We’ll see.

There’s much I want to talk about, but this very moment I’m at the regular monthly Poetry in the Pub in Katoomba. I have Sunday Lunch here many weeks. But this month it’s essentially a wake, because one of their number has passed. I’ll admit that I shed a tear as one chap read Henry Lawson’s “The Glass on the Bar”. My whinges can wait for another time.

Articles

There’s also two more ZDNet pieces in the pipeline. They’ll appear in the first half of the coming week, I imagine.

Podcasts

None. The next episode of The 9pm Edict is now scheduled for Wednesday 17 Saturday 20 June.

5at5

There were five editions of 5at5 this week, on Monday, Tuesday, Wednesday, Thursday, and Friday. That’s more than 25 things for you to read! To save me having to tell you this, you could just subscribe.

Media Appearances

Corporate Largesse

None.

The Week Ahead

On Monday and Tuesday, I’ll be finishing off those two ZDNet stories. In theory, I’m also heading in to Sydney on Tuesday for the Optus Business Lunch, to hear the company’s chief executive officer Allen Lew deliver a keynote speech on “how customer behaviours are driving digital transformation” — but with deadlines, that may have to be cancelled. That Sydney trip will definitely be cancelled.

On Wednesday, I’ll be completing an episode of The 9pm Edict podcast. On Thursday, I’ll be writing a column for ZDNet. Wednesday and Thursday are writing days, completing those two ZDNet items, plus a piece for Crikey, plus starting on an episode of The 9pm Edict podcast.

On Friday, I’m definitely doing the long commute to Sydney, to go to a lunchtime briefing by the Wynyard Group on corporate and cyber criminals.

On Saturday I’ll be completing the podcast, and perhaps helping with some, um, engineering work at Bunjaree Cottages. While the rest of the weekend has not yet been planned, the Solstice is on Sunday night — well, for me it’s at 0238 AEST on Monday morning — so I’ll be marking the occasion in some way. How? I’m not sure yet. The same applies to the rest of the weekend, I suppose.

Update 15 June 2015: Edited to reflect the schedule change. Second update, 1620 AEST: Edited to add link to ABC Riverina recording. Update 17 June 2015: Edited to reflect further schedule changes.

[Photo: Surveillance, photographed at Wentworth Falls railway station on 13 June 2015.]

My week of Monday 1 to Sunday 7 June 2015 has been both productive and exhausting, covering two conferences in two states.

It’s a long time since I’ve written five articles in a week. It’s at least six months since I’ve done four, which is as far back as I could be bothered scrolling, let alone five. But of course, there’s podcasts and other projects that have generated revenue, including random geekery and technical consultancy, so “number of articles” isn’t a fair measure.

Still, this has been one of my most productive weeks in a while. Excellent.

Articles

Podcasts

None. The next episode of The 9pm Edict is scheduled for Monday 15 June, or the day after.

5at5

There were two editions of 5at5 this week, on Monday, and Sunday. To save me having to tell you this, you could just subscribe.

Media Appearances

  • On Monday, I spoke about Chinese ATMs with face recognition on ABC 891 Adelaide.
  • On Friday, I took part in the AusCERT Speed Debate. The Livestream recording has bad audio, so I’ll link to the YouTube version when it becomes available.
  • Also on Friday, I was interviewed by the University of Melbourne student newspaper Farrago. I’ll link to that story when it goes live.

Corporate Largesse

  • On Tuesday, I went to the Check Point Cyber Security Symposium in Sydney, or at least part of it. The goodie bag included a signed copy of Brian Krebs’ book Spam Nation, a Check Point branded notebook, a chocolate from A10 Networks, and of course copies of Check Point’s promotional material. Food and drink were supplied.
  • From Tuesday night through to Friday, I was at the AusCERT Information Security Conference as AusCERT’s guest. They provided return flights from Sydney to the Gold Coast, airport transfers, three nights accommodation at RACV Royal Pines Resort, and of course all the conference food and drink — and there was plenty of that. For taking part in the Speed Debate, I was given a bottle of Jim Barry The Lodge Hill Shiraz 2012 from the Clare Valley. And everybody got a copy of Bruce Schneier’s book Data and Goliath, an AusCERT-branded shirt, and a rather well-made courier bag. From CyberArk: A macaron, delivered creepy-like into my hotel room while I wasn’t there. From Firemon: A branded glass-cleaning cloth. From Mimecast: a keyring bottle opener. From NCC Group: a golden bath duck. From the US Naval Criminal Investigative Service: an NCIS cap — yes, from the real NCIS, not the TV show.

The Week Ahead

Monday is a public holiday for the Queen’s Birthday, but nevertheless I’ll be working. I’ll be writing a feature for ZDNet, as well as returning to Wentworth Falls after a week away.

From Tuesday to Thursday, I’ll be working on another feature for ZDNet, as well as my “regular” column, as well as the running so late it’s embarrassing ebook. I see there’s an Apple keynote at 0300 AEST on Tuesday, so that may feed into something. [It didn’t.] And I’ve got an interview to do on Thursday afternoon.

On Friday, I’ll be heading down to Sydney for a media briefing by Cisco. Friday is another writing day.

I’m not sure how the weekend will go, but I see that there’s Poetry in the Pub in Katoomba on Sunday afternoon. I happened to be there last month, and I thought it might be interesting for The 9pm Edict podcast. We’ll see.

Update 11 June 2015: Edited to reflect the abandoning of the Friday trip to Sydney.

[Photo: Sunset on the Gold Coast, photographed from the 16th floor of the RACV Royal Pines Resort on 3 June 2015.]

Engineers at Beijing’s Tsinghua University and Hangzhou-based security company Tzekwan Technology have unveiled an ATM with face-recognition — and I discussed the implications on ABC 891 Adelaide on Monday.

I spoke with drive presenter Michael Smyth about why China might want to do this, including making more of their technology domestically, and linking ATM authentication with their growing national database of facial biometrics for… other purposes.

Here’s the full seven-minute conversation, which was broadcast live.

The audio is ©2015 Australian Broadcasting Corporation.

My week of Monday 25 to Sunday 31 May 2015 did not unfold as planned, but it wasn’t a complete disaster.

Podcasts

  • “The 9pm Orgy of Confusion”, being The 9pm Edict episode 44. There’s actually a lot more to this episode than this simple entry might suggest. Please listen.

Articles

  • Lessons from a Sydney cryptoparty, ZDNet Australia, 25 May 2015. Quite a few people have said this is a good piece, despite its bland headline, so perhaps you might do me the honour of clicking through and reading it.

5at5

There were two editions of 5at5 this week, on Monday, and Friday. To save me having to tell you this, you could just subscribe.

Media Appearances

None.

Corporate Largesse

None. But this will change next week.

The Week Ahead

On Monday, I’ll be doing various tasks which I am not at liberty to reveal, before heading to Sydney and getting a decent night’s sleep before…

On Tuesday, I’ll be getting up early and heading to the morning sessions of Check Point’s Cyber Security Symposium 2015. In the afternoon I’m flying to the Gold Coast for the AusCERT 2015 Information Security Conference, which runs through to Friday afternoon. I’ll even be taking part in the AusCERT Speed Debate — check out last year’s — before flying back to Sydney on Friday night.

Then it’s the Queen’s Birthday long weekend, and I haven’t quite decided what happens with that.

[Photo: Winter in Katoomba, photographed on 31 May 2015.]

Is it possible to hack into a commercial airliner’s flight control systems by first hacking into its inflight entertainment system?

That’s the worry, certainly. But now the FBI has said that security researcher Chris Roberts told them he’d done exactly that hack 15 or 20 times, and on one occasion even managed to compromise the Thrust Management Computer, getting it to issue a “climb” command to one engine — with the result that the burst of increased thrust caused “lateral movement” of the aircraft.

Except Wired reports that Roberts told them that he claimed no such thing. He’d had many hours of conversations with the FBI, and in condensing that down to a few sentences they’ve got the wrong end of the stick.

This whole story caught the attention of 2UE morning presenter Stuart Hocking, we spoke about it for about seven minutes earlier today, and here’s the recording.

This audio is ©2015 Radio 2UE Sydney Pty Ltd.

My week of Monday 13 to Sunday 19 April 2015 was rather full, but not as productive as the plan intended. Instead, there were unexpected loose ends to tie up, plus hours and hours of introspection.

Introspection about the fact that Q1 of 2015 was, in revenue terms, my second-worst quarter in more than four years. Introspection about just how I’ll increase revenue. And about the isolation of living at Bunjaree Cottages, which isn’t good for me — and the fact that these accommodation arrangements, only ever intended to be for “a few weeks”, have run for more than four years. All my household possessions, apart from two suitcases of personal items and the like, have been in storage all this time.

Introspection about two events coming up next month, a birthday that ends in a “5” and, on 13 May, the twentieth anniversary of moving from Adelaide to Sydney — a move triggered by taking on a new job during the first dotcom boom. With both work and accommodation issues on the agenda again, is it time for another migration?

Introspection about the “need”, as my doctor put it, to get some exercise, change my diet, and lose 10kg of weight. And introspection about just how I’ll change all those things — and more that I haven’t mentioned yet — without going postal.

I don’t have any answers yet. Heck, I don’t even have most of the questions. But I am starting to get a clearer view of the landscape, like the sun rising through dawn clouds.

All that said, I did get a few things done this week…

Podcasts

  • “The 9pm Statement of Regret”, being The 9pm Edict episode 40. It contains quite a bit about Australia’s forthcoming celebrations for Anzac Day and the mythic nature of Gallipoli in those celebrations. I’d like to hear your responses. Your deadline for audio comments is Tuesday 21 April at 1700 AEST.

Articles

5at5

There were four editions of 5at5 this week, on Monday, Tuesday, Thursday and Friday. To save me having to tell you this, you could just subscribe.

Media Appearances

Corporate Largesse

  • On Friday, I had coffee with an executive from Dyn, an internet performance optimisation company. That coffee was paid for by their PR people.

The Week Ahead

I’ll be in the Blue Mountains all week, as far as I can tell at this stage.

On Monday and Tuesday, I’m finishing a column for ZDNet Australia, producing another episode of The 9pm Edict podcast, and setting up some sort of subscription drive for same. Those last two tasks are intertwined. On Tuesday night, I’ll be talking tech news with Dom Knight on ABC 702 Sydney at 2030 AEST.

On Wednesday through Friday, I’ll finally get that ebook sorted, write a column for ZDNet Australia, and review the scripts for six episodes of a television drama. Yes, that last one is running late. Also left over from last week is producing and posting the recording of my recent lecture at UTS. There’s no way that’ll fit into the coming week.

The weekend is currently unplanned, but given how much I’ll be doing during the week, I suspect I’ll just be a sloth for two days. Apart, that is, from going to a local Anzac Day Dawn Service somewhere. Maybe. I may also try to have some sort of social life. Possibly.

Further Ahead

The following week, on 29-29 April, I’ll be covering the Disruptocon conference in Sydney, trying not to choke on the name.

Then on Saturday 2 May, I’ll be flying to the US for eight days, primarily to cover NetSuite’s SuiteWorld conference once again. I currently plan to return to Australia on Tuesday 12 May. I’ll tell you more about that trip in due course.

Update 24 April 2015: Edited to reflect cancellation of US trip.

[Photo: Sunrise over Rozelle Bay, Sydney, photographed on 19 April 2015. Yes, today.]

My week of Monday 30 March to Sunday 5 April 2015 was an action-packed week of extremes. Kinda.

Well, I made it up as I went along. I was in both Sydney and the Blue Mountains. The weather was variable. Does that count as extreme? How about standing right next to David Marr while he was paying attention to other people and I felt ignored and sulky?

Coming soon to a games store near you, Extreme David Marr.

Articles

Podcasts

5at5

Four editions of 5at5 this week, on Monday, Tuesday, Thursday and Sunday. You should subscribe, you know. If you subscribe, Jesus will love you. Promise.

Media Appearances

Corporate Largesse

None.

The Week Ahead

On Monday, despite it being a public holiday, I’ll be producing the bulk of an episode of The 9pm Edict. On Tuesday, I’ll be doing some errands and shopping in Leura and Katoomba in the morning. In the afternoon, I’ll be planning out some writing for April. And in the evening, I’ll publish the completed podcast.

On Wednesday, I’ll be updating my regular lecture for journalism students at the University of Technology Sydney (UTS).

On Thursday, I’ll be making the long commute to Sydney to deliver that lecture at UTS at 0900. Then at 1030 I’m going to the Australian launch of VMware’s vCloudAir. And then I’ll be writing for ZDNet Australia probably.

Friday through Sunday are currently unplanned. It will include, however, the turning of the UTS lecture into a podcast, some writing for someone else, and a variety of revenue-generating activities.

Caveat

The squid is none of your business.

[Photo: Forest, rain and train, being the view from a Blue Mountains line train as it travelled between Katoomba and Leura on a rainy day Friday 3 April 2015.]

On Monday I recorded an interview on Bitcoin’s secret sauce, the blockchain, with The Wire, the current affairs program for Australia’s community radio network produced by 2SER in Sydney. It went to air that night as part of their story Blockchains to the rescue?

It was only a couple of years ago that Bitcoin was taking the world by storm — the price rocketing by hundreds of percent. Since then, however, it has fallen into obscurity, with less and less companies accepting it as payment. But even if Bitcoin does not make it as a full fledged currency, the technology behind it may find a place elsewhere.

Journalist Josh Nicholas also spoke with Professor David Glance, Director of University of Western Australia’s Centre for Software Practice. The narrative contrasts my enthusiasm, for want of a better word, with Glance’s scepticism. That’s probably down to the questions asked and the editing, because I suspect our views are actually much the same.

The audio is ©2015 2SER-FM 107.3. It’s also available at The Wire program website — that’s exactly the same as what you can hear here, it’s just that the audio file here has my branding — and you can also listen to the entire episode.

My week of Monday 23 to Sunday 29 March 2015 is being documented late. Things did not go to plan, and I was annoyed.

Articles

Podcasts

None. The next episode of The 9pm Edict did not appear on Tuesday 24 March as previously advised, but it will finally arrive on 7 April.

5at5

Only one edition of 5at5 this week, on Monday. You should subscribe, you know.

Media Appearances

None. It’s been a while now.

Corporate Largesse

  • On Tuesday I was briefed by Oracle executives on “Cloud, Big Data and platforms” over lunch at the Bentley Restaurant + Bar in Sydney. The food was excellent. I had the pork cheek with garlic and yoghurt purée, radicchio and jamon, and the mulloway with pink turnip and brown butter.

[Photo: Please stand behind the yellow line, being platform markings and adjacent scenery at Leura station in the Blue Mountains, photographed on 28 March 2015.]
