infosec

You are currently browsing articles tagged infosec.

Rosella Cottage and its solar panels: click to embiggenMy week of Monday 20 to Sunday 26 July 2015 was ruined by health problems. I won’t go into the details. If you saw some facts, you saw them. Otherwise you missed them.

There were no articles or podcasts or editions of 5at5 produced, so I’ll make this Weekly Wrap look slightly better by omitting the sub-heads. I’ll skip the Corporate Largesse section too, because there wasn’t any, and stick to what did happen.

Media Appearances

  • On Tuesday, I spoke about the Ashley Madison data breach on ABC 936 Hobart.
  • On Wednesday, I spoke about the Ashley Madison data breach on Sydney radio 2UE, but I won’t be posting a recording because it adds nothing to the Hobart one. I’m thinking about being a lot more selective about what I post here — or at least what I go to the effort of writing a whole blog post about — and maybe even automating most of the Weekly Wrap. I mean, do you even read this?

The Week Ahead

I’m not going to match specific tasks to specific days at this stage, for various reasons. But I will say that my Pozible crowdfunding campaign for The 9pm Urgent Hardware Refresh has been given the green light, so I’ll press the “Go” button on that relatively early in the week, and I’ll produce an episode of The 9pm Edict podcast to coincide with that, more or less.

I’ll also write some stuff for people. Is that vague enough?

I’ll be in the Mountains for most of the week, I think. I can’t see much that’d draw me into Sydney, not when I apply a strict cost benefit analysis to it all. You people are terrible.

[Photo: Rosella Cottage and its solar panels, photographed on 30 January 2012. This week I returned to being based in Rosella Cottage, rather than the Bunjaree Cottages outbuilding called “The Studio”. It’s not only far more pleasant, it gives me morning views like this, and this, and this. I think this will help.]

ABC logoThe information security news story of the week was, of course, the data breach at “affairs” and “cheaters” website Ashley Madison, something first reported by journalist Brian Krebs.

I spoke about this data breach in a couple of radio spots — I’m reluctant to call it a
“hack” until we have some evidence that a hack was involved, as opposed to some internal problem — but I reckon the first was the best.

Here’s that conversation, a 13-minute chat from Tuesday morning with ABC 936 Hobart morning presenter Leon Compton. Enjoy.

Play

The audio is of course ©2015 Australian Broadcasting Corporation.

To boldly go...: click to embiggenMy week of Monday 13 to Sunday 19 July 2015 continued the lack-of-productivity theme, alas. Mostly because my dying computer decided to die far more rapidly than it had been until now.

My sincere thanks go to Justin Clacherty for lending me a spare MacBook Pro until I can organise my own new machine. I’m pleased that the set-up and transfer of data to this “new” machine only took nine hours — well, plus the six hours it took to take a proper backup of the old machine, because it kept throwing errors.

That said, in the latter part of the week I did get quite a bit done on the Pozible crowdfunding campaign to pay for that replacement machine. That campaign should launch in the next few days.

And because I had to archive some data off the old computer — because it had a 750GB hard drive, whereas the loaner has a 500GB SSD — I was browsing through old photos and videos. This put me into a particularly reflective mood again on the weekend. I hope that some good will come of this, because having a properly-working computer again — and a fast one! — should provide another boost to my optimism.

Articles

Podcasts

None.

5at5

5at5 was still on hiatus this week.

Media Appearances

Corporate Largesse

  • On Monday evening, I caught up with Leslie Nassar to discuss a SEKRIT project, and he bought me dinner.

The Week Ahead

I’m back in Wentworth Falls this coming week, and most of it hasn’t been mapped out yet. Still, I have a broad outline.

On Monday Tuesday, I’ll be submitting that Pozible project for approval, doing some shopping in Katoomba, and mapping out my writing commitments for the next few weeks. Now that I have a working computer again, I’ve got heaps of work to catch up with.

On Tuesday Wednesday, I’ll be completing a video to go with that Pozible project, which should launch that day. I’ll also be producing an episode of The 9pm Edict podcast. I’ll delay the posting of both until Wednesday Thursday if the Pozible campaign doesn’t launch.

The rest of the week is a bit vague, but I know there’ll be a ZDNet column in there somewhere. And I’m guessing I’d better organise some other work as well.

Update 20 July 2015: Edited to slide nearly everything in the plan back a day, to reflect a Monday sickie.

[Photo: To boldly go…, being a small boat heading out into the fog of San Francisco Bay on 10 December 2010.]

FIVEaa logoThis week Apple launched its Apple Pay service in the UK, the second market after the US, which meant it and other new payment systems blipped up in the news.

On Thursday I spoke about Apple Pay with Will Goodings on 1395 FIVEaa in Adelaide. He was bouncing off a story in the Australian Financial Review, Why Australia’s banks are still well placed to fend off Apple Pay.

After speaking with me, he spoke with Chris Hamilton, CEO of the Australian Payments Clearing Association — and that’s in the recording too, because it’s interesting stuff.

I was also going to mention the forthcoming Samsung Pay, because ZDNet reviewed the beta rollout in South Korea, but we didn’t get to that.

Play

The audio is ©2015 Nova Entertainment.

Wi-Fi: No hardware detectedMy week of Monday 6 to Sunday 12 July 2015 was the first of two weeks I’ll be spending in Sydney — but it wasn’t just the geography that made it unusual.

I had intended to get a Pozible crowdfunding campaign under way for The 9pm Urgent Hardware Refresh, but I ended up doing quite a bit of work on the SEKRIT television project instead.

This is a Good Thing, because it’s fun and interesting work, and the pay is quite reasonable. But as the photo at the top of the post shows, my computer is dying fast. The Wi-Fi hardware fails regularly, and you can also make out the screen cracks. So that crowdfunding effort will have to happen quite soon. Like in the coming week.

Articles

Podcasts

None.

5at5

5at5 is on hiatus this week and next.

Media Appearances

Corporate Largesse

  • On Tuesday evening, I went to Tanium’s open-house demo and drinks evening in Sydney, where of course there was free food and drink.

The Week Ahead

On Monday, I’ll be working on that crowdfunding campaign, as well as getting a haircut, and in the evening meeting with Leslie Nassar about yet another, different SEKRIT project.

On Tuesday, I’ll be doing further work on the crowdfunding project and, ideally, launching it. I’ll also be producing an episode of The 9pm Edict podcast, which may extend into Wednesday. Otherwise, Wednesday is likely to be a day of research and writing, before I wander to Oracle’s drinks evening in Surry Hills. Thursday is also a day of writing, ideally culminating in a column for ZDNet.

Friday and the weekend are as yet unplanned. However there are many, many things that need organising, so I daresay they’ll be quite full days. Stand by. Also, and and all of this schedule may be disrupted by urgent work on the SEKRIT television project.

Update 13 July 2015: Edited to add The Saturday Paper reference, and indicate the flexibility of the schedule.

[Photo: “Wi-Fi: No hardware detected”, being an increasingly common sight on my rapidly-disintegrating MacBook Pro.]

ABC logoHundreds of millions of Samsung smartphones have a serious security vulnerability. The company has known about it since December, but hasn’t done anything about it. I spoke about this on ABC Radio’s The World Today on Thursday.

A software bug is making around 600 million Samsung mobile phones around the world vulnerable to attack. The bug in the phone’s keyboard software could allow hackers to read text messages and to view and take photos. It was found by a US computer security company which informed Samsung late last year.

If you want the technical details, read the Ars Technica story, New exploit turns Samsung Galaxy phones into remote bugging devices.

Here’s the three-and-a-half minute radio story. There’s also a transcript, and a written news story, Samsung phones vulnerable to cyber attacks because of software bug.

Play

The audio is ©2015 Australian Broadcasting Corporation, and it’s being served here directly from the ABC website.

Since this report aired, Samsung has said that it will fix this vulnerability, but not all Samsung smartphone owners will receive the fix immediately.

Surveillance: click to embiggenMy week of Monday 8 to Sunday 14 June 2015 has been another productive one, despite Monday allegedly being a holiday. Thank you, Your Majesty. I’m exhausted.

I also think I’m coming down with a cold, which is hardly surprising. We’ll see.

There’s much I want to talk about, but this very moment I’m at the regularly monthly Poetry in the Pub in Katoomba. I have Sunday Lunch here many weeks. But this month it’s essentially a wake, because one of their number has passed. I’ll admit that I shed a tear as one chap read Henry Lawson’s “The Glass on the Bar”. My whinges can wait for another time.

Articles

There’s also two more ZDNet pieces in the pipeline. They’ll appear in the first half of the coming week, I imagine.

Podcasts

None. The next episode of The 9pm Edict is now scheduled for Wednesday 17 Saturday 20 June.

5at5

There were five editions of 5at5 this week, on Monday, Tuesday, Wednesday, Thursday, and Friday. That’s more than 25 things for you to read! To save me having to tell you this, you could just subscribe.

Media Appearances

Corporate Largesse

None.

The Week Ahead

On Monday and Tuesday, I’ll be finishing off those two ZDNet stories. In theory, I’m also heading in to Sydney on Tuesday for the Optus Business Lunch, to hear the company’s chief executive officer Allen Lew deliver a keynote speech on “how customer behaviours are driving digital transformation” — but with deadlines, that may have to be cancelled. That Sydney trip will definitely be cancelled.

On Wednesday, I’ll be completing an episode of The 9pm Edict podcast. On Thursday, I’ll be writing a column for ZDNet. Wednesday and Thursday are writing days, completing those two ZDNet items, plus a piece for Crikey, plus starting on an episode of The 9pm Edict podcast.

On Friday, I’m definitely doing the long commute to Sydney, to go to a lunchtime briefing by the Wynyard Group on corporate and cyber criminals.

On Saturday I’ll be completing the podcast, and perhaps helping with some, um, engineering work at Bunjaree Cottages. While the rest of the weekend has not yet been planned, the Solstice is on Sunday night — well, for me it’s at 0238 AEST on Monday morning — so I’ll be marking the occasion in some way. How? I’m not sure yet. The same applies to the rest of the weekend, I suppose.

Update 15 June 2015: Edited to reflect the schedule change. Second update, 1620 AEST: Edited to add link to ABC Riverina recording. Update 17 June 2015: Edited to reflect further schedule changes.

[Photo: Surveillance, photographed at Wentworth Falls railway station on 13 June 2015.]

Sunset on the Gold Coast: click to embiggenMy week of Monday 1 to Sunday 7 June 2015 has been both productive and exhausting, covering two conferences in two states.

It’s a long time since I’ve written five articles in week. It’s at least six months since I’ve done four, which is as far back as I could be bothered scrolling let alone five. But of course, there’s podcasts and other projects that have generated revenue, including random geekery and technical consultancy, so “number of articles” isn’t a fair measure.

Still, this has been one of my most productive weeks in a while. Excellent.

Articles

Podcasts

None. The next episode of The 9pm Edict is scheduled for Monday 15 June, or the day after.

5at5

There were two editions of 5at5 this week, on Monday, and Sunday. To save me having to tell you this, you could just subscribe.

Media Appearances

  • On Monday, I spoke about Chinese ATMs with face recognition on ABC 891 Adelaide.
  • On Friday, I took part in the AusCERT Speed Debate. The Livestream recording has bad audio, so I’ll link to the YouTube version when it becomes available.
  • Also on Friday, I was interviewed by the University of Melbourne student newspaper Farrago. I’ll link to that story when it goes live.

Corporate Largesse

  • On Tuesday, I went to the Check Point Cyber Security Symposium in Sydney, or at least part of it. The goodie bag included a signed copy of Brian Krebs’ book Spam Nation, a Check Point branded notebook, a chocolate from A10 Networks, and of course copies of Check Point’s promotional material. Food and drink were supplied.
  • From Tuesday night through to Friday, I was at the AusCERT Information Security Conference as AusCERT’s guest. They provided return flights from Sydney to the Gold Coast, airport transfers, three nights accommodation at RACV Royal Pines Resort, and of course all the conference food and drink — and there was plenty of that. For taking part in the Speed Debate, I was given a bottle of Jim Barry The Lodge Hill Shiraz 2012 from the Clare Valley. And everybody got a copy of Bruce Schneier’s book Data and Goliath, an AusCERT-branded shirt, and a rather well-made courier bag. From CyberArk: A macaron, delivered creepy-like into my hotel room while I wasn’t there. From Firemon: A branded glass-cleaning cloth. From Mimecast: a keyring bottle opener. From NCC Group: a golden bath duck. From the US Naval Criminal Investigative Service: an NCIS cap — yes, from the real NCIS, not the TV show.

The Week Ahead

Monday is a public holiday for the Queen’s Birthday, but nevertheless I’ll be working. I’ll be writing a feature for ZDNet, as well as returning to Wentworth Falls after a week away.

From Tuesday to Thursday, I’ll be working on another feature for ZDNet, as well as my “regular” column, as well as the running so late it’s embarrassing ebook. I see there’s an Apple keynote at 0300 AEST on Tuesday, so that may feed into something. [It didn’t.] And I’ve got an interview to do on Thursday afternoon.

On Friday, I’ll be heading down to Sydney for a media briefing by Cisco. Friday is another writing day.

I’m not sure how the weekend will go, but I see that there’s Poetry in the Pub in Katoomba on Sunday afternoon. I happened to be there last month, and I thought it might be interesting for The 9pm Edict podcast. We’ll see.

Update 11 June 2015: Edited to reflect the abandoning of the Friday trip to Sydney.

[Photo: Sunset on the Gold Coast, Photographed from the 16th floor of the RACV Royal Pines Resort on 3 June 2015.]

ABC logoEngineers at Beijing’s Tsinghua University and Hangzhou-based security company Tzekwan Technology have unveiled an ATM with face-recognition — and I discussed the implications on ABC 891 Adelaide on Monday.

I spoke with drive presenter Michael Smyth about why China might want to do this, including making more of their technology domestically, and linking ATM authentication with their growing national database of facial biometrics for… other purposes.

Here’s the full seven-minute conversation, which was broadcast live.

Play

The audio is ©2015 Australian Broadcasting Corporation.

Winter in Katoomba: click to embiggenMy week of Monday 25 to Sunday 31 May 2015 did not unfold as planned, but it wasn’t a complete disaster.

Podcasts

  • “The 9pm Orgy of Confusion”, being The 9pm Edict episode 44. There’s actually a lot more to this episode than this simple entry might suggest. Please listen.

Articles

  • Lessons from a Sydney cryptoparty, ZDNet Australia, 25 May 2015. Quite a few people have said this is a good piece, despite its bland headline, so perhaps you might do me the honour of clicking through and reading it.

5at5

There were two editions of 5at5 this week, on Monday, and Friday. To save me having to tell you this, you could just subscribe.

Media Appearances

None.

Corporate Largesse

None. But this will change next week.

The Week Ahead

On Monday, I’ll be doing various tasks which I am not at liberty to reveal, before heading to Sydney and getting a decent night’s sleep before…

On Tuesday, I’ll be getting up early and heading to the morning sessions of Check Point’s Cyber Security Symposium 2015. In the afternoon I’m flying to the Gold Coast for the AusCERT 2015 Information Security Conference, which runs through to Friday afternoon. I’ll even be taking part in the AusCERT Speed Debatecheck out last year’s — before flying back to Sydney on Friday night.

Then it’s the Queen’s Birthday long weekend, and I haven’t quite decided what happens with that.

[Photo: Winter in Katoomba, photographed on 31 May 2015.]

« Older entries