infosec

My week of Monday 25 to Sunday 31 January 2016 was very different from the one experienced by most Australians.

For most Australians, it was a short week, because they’d taken Monday, joined it up with the public holiday for Australia Day on Tuesday, and made themselves an unofficial four-day long weekend.

Whether they chose to do that by requesting annual leave, or through the rather more patriotic tradition of “chucking a sickie”, would have been a matter between them and those persistent little nagging voices in the back of their heads.

Mine was arranged a little differently, for reasons described in the immediately preceding post. It was busy, and here’s what emerged.

Articles

Podcasts

None, because the planned Sunday night recording of The 9pm Edict was abandoned due to repeated software crashes. It has been re-scheduled for Tuesday night.

At one point during the week, I also announced a bold plan to record a Corrupted Nerds podcast with Leslie Nassar as well. That plan was abandoned when sanity returned.

Both podcasts are now on an official one-month hiatus while I consider their future. I’ll post my thoughts in the coming week.

Media Appearances

5at5

None. But should 5at5 ever reappear, you’ll know about it if you subscribe.

Corporate Largesse

None, but it begins in earnest in the coming week.

The Week Ahead

It’s going to be a busy one, boys and girls…

On Monday, I’ll be up early to finalise some tax documentation, then at 1030 I’ll be phoning in to Deloitte for a cybersecurity briefing. The afternoon will see me negotiating certain timelines with the Australian Taxation Office (ATO), updating the clients for my various geek-for-hire projects, and having an early night.

On Tuesday, I really must do that cleaning and shopping.

On Wednesday, I’ll be catching an early train to Sydney for an appointment at the Black Dog Institute. I’ll post more about that on Tuesday morning. I’ll then return to the Blue Mountains mid-afternoon, because at 2100 AEDT I’ll be recording The 9pm Edict and streaming it live.

On Thursday, I’m writing for ZDNet, then heading back to Sydney in the afternoon for a meeting at 1745 to kick off a new geek-for-hire project. I plan to stay in Sydney overnight, should Sydney’s nosebleed accommodation prices permit.

Work on the aforementioned geek-for-hire projects, and everything else, will be woven around those appointments as need be.

The weekend is as yet unplanned.

Further Ahead

On 10 to 13 February, I’ll be in Melbourne for the Pause Fest. Wednesday night I’m doing a radio spot on ABC 774 Melbourne, at 1930 AEDT. I’m then on a panel on Thursday 11 at 1730 AEDT, titled “The security paradox: individual privacy vs digital driftnets”. I plan to stay in Melbourne until Saturday afternoon. If you’d like to catch up, let me know.

I hope to return to Melbourne to cover the APIdays conference on 1-2 March, but that’ll depend on me finding someone to cover my flights and accommodation. Would you like to be my sponsor?

[Update 2145 AEDT: Edited to reflect the new podcast recording time. Update 1 February 2016: Minor edits to the schedule.]

[Photo: To boldly go…. There’s a story behind this photograph.]

Even though it’s a year old, the website that crashes an iPhone is back in the news this week — presumably because knowledge of the trick “went viral”, as they say.

This story piqued the interest of Fiona Willey, presenter of ABC Radio’s Statewide Drive in NSW, and we spoke on-air earlier this evening.

This is the full nine-minute interview, including a bit about the story from September 2015 when malware-infected apps made their way into the official Apple App Store in China.

The audio is ©2016 Australian Broadcasting Corporation.

Monday 4 to Sunday 10 January 2016 was a reminder that the world, and especially the humans that infect it, move to their own natural cycles and patterns. It’s easier to move in rhythm with these than try to work against them, for better or for worse.

Australia shuts down between Christmas and New Year, yes. But despite the claims that we now live in a 24/7 ever-on ever-connected cycle, the reality is that much of Australia still operates to its traditional annual cycle. Shut down just before Christmas, operate in summer holiday mode through to Australia Day on 26 January.

You just have to face the fact that nothing substantial can get done in the first week of January, and that you’ll have trouble getting up to speed on any substantial projects right through to the end of the month.

Individual humans have their own patterns and habits as well, and it’s also tough to change them. You can’t teach a duck to dance, they say. But when the duck is smarter and more stubborn than you are, what hope can there be?

So it is with those observations that I introduce this week’s humble list of achievements, and note a few of the necessary changes to The Plan.

Articles

Podcasts

None.

Media Appearances

None.

5at5

None. But should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

None. The year has not yet started.

The Week Ahead

It’s another week at Wentworth Falls, and broadly speaking it’ll be much the same as its predecessor — but with achievements rather than distractions. He says boldly.

What’s definite is that the next episode of The 9pm Edict podcast will be recorded on Thursday night 14 January, streamed live through Spreaker from 2100 AEDT.

I’ll also be making a day trip to Sydney for a medical appointment at some point. I won’t know when that will be until Monday. That’ll be on Wednesday. I’ll have plenty of free time during the day, so if we need to catch up then let me know.

Apart from that, I’ll continue to work on designing a website and a matching email template for a client; writing that episode of The 9pm Edict; updating some of the stuff I use to explain what it is that I actually do; typing up the loose ends from my crowdfunding projects; thinking about my future accommodation needs; and bringing my bookkeeping up to date so I can file five years of outstanding tax returns.

Further Ahead

On 10 to 12 February, I’ll be in Melbourne for the Pause Fest. I’m on a panel on Thursday 11 titled “The security paradox: individual privacy vs digital driftnets”. I’ll be staying in Melbourne until Saturday. If you’d like to catch up, let me know.

I’ve dumped plans to go to Geelong to cover Linux.conf.au in the first week of February. Sorry, but I need to keep that week flexible and close to Sydney for personal reasons.

For the same reason, my bold intention to record The 9pm Edict’s Public House Forum on Saturday 23 January is also dumped. I need a clearer plan for what I’m actually doing with my various podcasts. They can’t just be an indulgent drain on my time, and despite the inexplicable generosity of those who’ve been supporting me, the numbers don’t quite add up yet. Stand by for more thoughts about that in the not-too-distant future.

Some things that remain on The Plan include Tech Leaders in Leura on 13-14 March; the Australian Cyber Security Centre Conference in Canberra on 12-14 April; NetSuite’s SuiteWorld in San Jose on 16-19 May; the AusCERT Conference on the Gold Coast on 24-27 May; the Gartner Security & Risk Management Summit in Sydney on 22-23 August; and the AISA National Conference in Sydney on 18-20 October.

What else should I add to that list?

Apart from anything else, the first thing I notice about it is that nearly everything is in Australia. Have my horizons contracted?

Update 11 January 2016: Edited to reflect minor schedule changes.

[Photo: Ducks on the Parramatta River, photographed on 15 September 2012. I spent quite a lot of time watching these ducks on the banks of Sydney’s Parramatta River that spring afternoon before they’d finally had enough of me, formed convoy, and departed.]

My week of Monday 14 to Sunday 20 December 2015 was full of many things, few of which are listed here. I’ve been doing random geekery rather than media stuff this week.

While I would like to blame my relative lack of productivity solely on my ratty sleep patterns this week — and they have been a thing, for various health-related reasons — I would also like to blame Certain People for plying me with alcohol. You know who you are.

Articles

Podcasts

None, but The 9pm Edict’s Public House Forum #2 was recorded on Saturday, and will be edited and posted online early in the coming week. It was immense fun, and you may well find it amusing.

Media Appearances

  • On Monday, I spoke about the security risks of Wi-Fi Hello Barbie on Sydney radio 2UE, but I did not record it. I’ve spoken about it previously on ABC Radio’s PM.

5at5

Should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

  • On Wednesday, I went to a lunchtime briefing by Hitachi Data Systems at the ever-wonderful Gowings Bar and Grill in Sydney. Apart from the usual fine food and wine, we all got a goodie pouch containing a HDS-branded 2600mAh Power Bank, and an 8GB memory stick with the presentation.

The Week Ahead

Since the silly season has begun in Australia, and this coming week is the short week before Christmas, I won’t even bother trying to schedule it too closely. Besides, I’m cat-sitting in Ashfield again, in Sydney’s inner west, and some key items that I’ll need in the next couple of weeks are still in Wentworth Falls.

Nevertheless, between now and Thursday night, which is Christmas Eve, I know I have to design a simple website, write at least one thing for ZDNet, and edit and publish that pub podcast. I’d also like to do that yearly wrap episode of Corrupted Nerds, but I’m not so sure that will happen now.

There’s only two fixed appointments so far, Huawei’s Christmas Drinks on Tuesday evening, and a medical appointment late on Wednesday afternoon. As for the rest of it, I’ll be making it up as I go along.

As you should know by now, my Twitter feed is the most up-to-date data source for these things.

Friday is Christmas Day, so I’m likely to be offline then, as well as through the following weekend.

[Photo: Sydney Storm. The Sydney CBD seen from Lilyfield just before Wednesday’s storm hit. While the CBD itself suffered little harm, around 50 houses were damaged by severe winds at Kurnell.]

It was a week for extended radio conversations about the darker side of the internet, it seems.

Not only did I speak about Anonymous on ABC 774 Melbourne, on Friday night I spoke about that ill-defined phenomenon known as the “dark web” on ABC 891 Adelaide with evening presenter Deb Tribe. And here is that conversation.

This audio is ©2015 Australian Broadcasting Corporation.

My week of Monday 30 November to Sunday 6 December 2015 went reasonably well. Although I didn’t do things exactly as predicted last week, there was enough progress to make me happy.

In the interests of getting this posted on schedule, I’ll go straight to the list…

Podcasts

Articles

Media Appearances

  • On Tuesday, I spoke about the VTech hack on ABC 612 Brisbane.
  • On Wednesday, I spoke about the VTech hack on Kinderling Radio.
  • On Wednesday evening, I took part in a panel discussion at the launch of the Sydney chapter of Electronic Frontiers Australia. The only recording is a very rough one for my own reference, so sorry, you won’t be hearing it.

5at5

Should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

  • On Wednesday, I went to VMware’s end-of-year drinks at O Bar and Dining, Australia Square. Apart from canapés and champagne, I pocketed a pen. They so pwn me now.

The Week Ahead

On Monday, Prime Minister Malcolm Turnbull will be making some sort of announcement regarding innovation, so I suspect I’ll be writing something for ZDNet. If not, well, there’s a thousand tasks of administrivia I need to deal with.

On Tuesday, I’m heading to Sydney for a medical appointment, an interview, and NetSuite’s end-of-year drinks. I’m then heading to the ABC’s Sydney studios to do a spot on ABC 774 Melbourne at 1900 AEDT.

On Wednesday, I’ll be dealing with a number of geek-for-hire tasks, and planning certain things for the next couple of weeks.

On Thursday, I’ll finally be producing that episode of The 9pm Edict podcast, tentatively titled “The 9pm Garden of Hate”, in which I’ll finish off all of the sponsored content that I owe my supporters. I plan to stream that recording session live at 2100 AEDT.

On Thursday, I’m heading to Sydney again for a medical appointment, amongst other things, and probably writing for ZDNet en route.

Friday will see me doing whatever remains to be done, which will include writing for ZDNet.

Further Ahead

I’ll record a “2015 Wrap” episode of the Corrupted Nerds podcast some time in the week beginning Monday 14 December.

The next episode of The 9pm Public House Forum, similar to the first one, will be recorded on the afternoon of Saturday 19 December. The venue will be confirmed in a few days, but it’s now looking like it’ll be somewhere in Sydney’s inner west.

I’ll also produce a “2015 Wrap” episode of the Edict some time between Christmas and New Year.

[Update 9 December 2015: Edited to reflect schedule changes.]

[Photo: Railway Parade near Wentworth Falls. On the last day of spring, the yellow flowers of the Coreopsis lanceolata are everywhere. They’re a weed, but pretty nonetheless.]

While I’d heard of Kinderling, I hadn’t really known what it was about — until this Wednesday, when I did a spot on this new digital radio station in Sydney.

Kinderling grew from the Australian independent music and arts community with a vision to create contemporary children’s radio that is grounded in Australian culture, society and natural habitat.

With over a decade of radio experience (and ten kids!) between them, the Kinderling team has developed a program schedule that soundtracks your day with kids.

The trigger for this conversation was of course this week’s news of the VTech hack and data breach. Here’s my 10-minute conversation with Kinderling Conversation presenter Shevonne Hunt.

You can check to see if you were caught up in this data breach at Troy Hunt’s Have I Been Pwned.

The audio is ©2015 Kinderling. You can also listen at their website.

Following last week’s news of the security issues relating to Wi-Fi Hello Barbie, the weekend saw the disclosure of a data breach at toymaker VTech which revealed the details of children and their parents.

I’ve just spoken about this with Emma Griffiths on ABC 612 Brisbane.

If you think you might have been affected, search for your email addresses at Have I Been Pwned.

The audio is ©2015 Australian Broadcasting Corporation. I daresay I’ll be talking about this some more in the coming days.

My week of Monday 23 to Sunday 29 November 2015 was remarkably productive, a sharp comparison with last week. This pleases me.

Apart from the stuff listed below, I’ve also started a fresh program to tackle my on-again off-again “friendship” with the black dog of depression. I haven’t yet decided whether to write about this highly personal topic or not. Maybe when the timeline takes clearer shape.

I also got quite a bit of planning done for December, including locking in a couple geek-for-money projects that won’t be detailed here.

Podcasts

Articles

Media Appearances

5at5

Should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

The Week Ahead

On Monday, I’ll be writing for ZDNet, as well as heading to Parramatta and Petersham to choose a venue for the next Public House Forum. Various loose ends will be sorted out while on the trains.

On Tuesday, I’ll finish the ZDNet column, make some progress on certain geek-for-money projects, and do some shopping and other errands in Katoomba.

I’ll sleep in on Wednesday, and then head to Sydney to record a SEKRIT podcast episode. Then in the evening I’ll go to VMware’s end-of-year drinks, and then speak at the launch of a Sydney chapter of Electronic Frontiers Australia. It looks like I’ll be getting home quite late.

On Thursday, I’ll write for ZDNet, and then the rest of the week is flexible. I do have some geek projects to weave into the schedule, however.

On Tuesday Friday, I’ll be producing an episode of The 9pm Edict podcast, tentatively titled “The 9pm Garden of Hate”, in which I’ll finish off all of the sponsored content that I owe my supporters. I plan to stream that recording session live at 2100 AEDT. This episode will now be made on Monday night 7 December.

Further Ahead

I’ll record a “2015 Wrap” episode of the Corrupted Nerds podcast some time in the week beginning Monday 14 December.

The next episode of The 9pm Public House Forum, similar to the first one, will be recorded on the afternoon of Saturday 19 December, somewhere in or near Parramatta. The venue will be confirmed in a few days.

I’ll also produce a “2015 Wrap” episode of the Edict some time between Christmas and New Year.

[Update 1 December 2015: Edited to reflect schedule changes. Update 4 December 2015: Edited again to reflect further schedule changes.]

[Photo: Departing Mt Victoria. The #purpletrain (also known as a V-Set) pulls away from Platform 1 of Mt Victoria railway station on a wet Saturday afternoon, 28 November 2015.]

It has been my very great pleasure this week to produce an entire episode of ABC Radio National’s Future Tense, titled Bug bounties and pentesting: the Wild West of online security.

Here’s how the ABC has introduced this documentary:

Online information security is estimated to be worth more than $75 billion annually. And that figure is certain to grow as more and more of our everyday devices are given internet connectivity.

So why are our cyber-networks still being hacked on an industrial scale? Despite all that we’ve learnt about online fraud and malicious attacks, why is the digital world still so fragile?

In this edition of Future Tense, technology writer and commentator Stilgherrian talks ‘bug bounties’ and ‘pentesting’ as he introduces us to those at the coal-face of the security challenge.

Here’s the full half-hour documentary, featuring Alastair MacGibbon, Children’s eSafety Commissioner for the Australian Government; Casey Ellis, founder and CEO of Bugcrowd; Associate Professor Asha Rao, information security expert from RMIT University; Fatemah Beydoun, Chief Awesome at Security Code Warrior and a former IT security auditor; Joe Franzi, Assistant Secretary, Cyber Security, Australian Signals Directorate; John McCormack, CEO of Raytheon|Websense; Nathaniel Wakelam, professional penetration tester/hacker; and a snippet from Alan Dupont, Professor of International Security at the University of New South Wales.

The program is ©2015 Australian Broadcasting Corporation, and it’s served here directly from the ABC website, where you can also read a transcript.

Both the ABC and I are pleased with how this went, and I’ve been invited to pitch further story ideas in the new year.

[Photo: Recording my Future Tense narration in ABC Radio studio E46 in Sydney, on Monday 23 November 2015. This environment was overkill. I wasn’t using any of the studio gear, just my own Sennheiser e835 microphone, Zoom H6, and MacBook Pro — so basically the three items in the foreground — but I needed a proper quiet room.]
