
My week of Monday 30 November to Sunday 6 December 2015 went reasonably well. Although I didn’t do things exactly as predicted last week, there was enough progress to make me happy.

In the interests of getting this posted on schedule, I’ll go straight to the list…



Media Appearances

  • On Tuesday, I spoke about the VTech hack on ABC 612 Brisbane.
  • On Wednesday, I spoke about the VTech hack on Kinderling Radio.
  • On Wednesday evening, I took part in a panel discussion at the launch of the Sydney chapter of Electronic Frontiers Australia. The only recording is a very rough one for my own reference, so sorry, you won’t be hearing it.


Should 5at5 eventually reappear, you’ll know about it if you subscribe.

Corporate Largesse

  • On Wednesday, I went to VMware’s end-of-year drinks at O Bar and Dining, Australia Square. Apart from canapés and champagne, I pocketed a pen. They so pwn me now.

The Week Ahead

On Monday, Prime Minister Malcolm Turnbull will be making some sort of announcement regarding innovation, so I suspect I’ll be writing something for ZDNet. If not, well, there’s a thousand tasks of administrivia I need to deal with.

On Tuesday, I’m heading to Sydney for a medical appointment, an interview, and NetSuite’s end-of-year drinks. I’m then heading to the ABC’s Sydney studios to do a spot on ABC 774 Melbourne at 1900 AEDT.

On Wednesday, I’ll be dealing with a number of geek-for-hire tasks, and planning certain things for the next couple of weeks.

On Thursday, I’ll finally be producing that episode of The 9pm Edict podcast, tentatively titled “The 9pm Garden of Hate”, in which I’ll finish off all of the sponsored content that I owe my supporters. I plan to stream that recording session live at 2100 AEDT.

On Thursday, I’m heading to Sydney again for a medical appointment, amongst other things, and probably writing for ZDNet en route.

Friday will see me doing whatever remains to be done, which will include writing for ZDNet.

Further Ahead

I’ll record a “2015 Wrap” episode of the Corrupted Nerds podcast some time in the week beginning Monday 14 December.

The next episode of The 9pm Public House Forum, similar to the first one, will be recorded on the afternoon of Saturday 19 December. The venue will be confirmed in a few days, but it’s now looking like it’ll be somewhere in Sydney’s inner west.

I’ll also produce a “2015 Wrap” episode of the Edict some time between Christmas and New Year.

[Update 9 December 2015: Edited to reflect schedule changes.]

[Photo: Railway Parade near Wentworth Falls. On the last day of spring, the yellow flowers of the Coreopsis lanceolata are everywhere. They’re a weed, but pretty nonetheless.]

[Update 2.25pm: Comments on Twitter have persuaded me to emphasise that the question here is specifically about “personal safety” only, not lame and replaceable possessions, and my personal safety at that. As the second-last paragraph says, the risk profile might not be the same for everyone. These are the choices I’ve made with open eyes.]

“How do you think that tweeting your day plans affects your personal safety?” asked Ravneel Chand a short time ago. Overall, I reckon it actually increases my safety. Here’s why.

Background first. Here’s today’s “daily plan” tweet which, like those on pretty much every other day, is tweeted shortly before I settle down to work.

Thu plan: Bump out Waratah Cottage; 1032 train to Sydney; lunch (where?); errand Newtown/Enmore; write something; evening TBA.

Later in the morning I mentioned that I’d be catching a later train. And then, just as I left the house:

Mobile: Cab, shortly, to Wentworth Falls; 1132 train to Sydney Central; train to Town Hall station; 1335 walk to SEKRIT hotel and check in.

Clearly the fear being expressed is that by knowing my movements some bad person could more easily do me harm. But let’s do a proper risk assessment. You start one of those by enumerating the risks, and then you look at how this additional information might change those risks.


Stilgherrian’s links for 08 November 2009 through 18 November 2009:

See what happens when you don’t curate your links for ten days, during which time there’s a conference which generates a bazillion things to link to? Sigh.

This is such a huge batch of links that I’ll start them over the fold. They’re not all about Media140 Sydney, trust me.


Stilgherrian’s links for 23 April 2009, presented with perfectly-pointed toes:

Stilgherrian’s links for 11 March 2009 through 18 March 2009, posted after considerable delay in some cases:

Stilgherrian’s links for 20 January 2009 through 24 January 2009:

  • VPNOut: “VPNOut provides secure and anonymous VPN access that can break through firewalls.” And past censorship.
  • Apple’s 1987 Knowledge Navigator Video | YouTube: A remarkable “concept video” looking at how we might use computers and the Internet in “the future”, i.e. now.
  • EGovernment nets most callers: survey | PS News: A Department of Finance and Deregulation survey has found more Australians now contact the Government via the internet than they do by phone or in person.
  • Cursebird: What the f#@! is everyone swearing about?: Apparently on Twitter I swear “like a George Carlin Wannabe”. I’m ranked 355th in the world, putting me in the very top percentile. I wonder what the stats would look like for Australians only?
  • 7 Steps To Build A Startup From Scratch With No Money | Blog: What it says.
  • Dark Dungeons | Chick Publications: This book, from a well-established evangelistic Christian publisher, points out the evils of role-playing game Dungeons & Dragons.
  • Obituary: Sir John Mortimer | Geoffrey Robertson’s obituary of Sir John Mortimer, creator of fictional lawyer Rumpole of the Bailey and a decent lawyer in his own right. Apparently in his youth Mortimer “encountered with interest the bookshop-owning lesbians who had taken opium with Cocteau, and a prim, elderly lady who had, in her youth, urinated regularly upon pioneering sexologist Havelock Ellis.” Goodness me.
  • Schapelle Corby Tour: “My name is Eddie Hutauruk and I have been running tours in Bali for over 8 years. Schapelle Corby Tours is our latest venture, and is fully respectful of Schapelle and her situation… Schapelle Corby is a convicted Australian drug runner, and my tours allow people to see Schapelle in her cage at Kerobokan Prison in Bali. Tours can be arranged for most days of the week and pick-up is possible from most Bali hotels.” Very clever.
  • Folk Devils and Internet Safety | Daithí mac Sithigh’s blog on cyberlaw & media law: Another view on the report of the Internet Safety Technical Task Force which said, amongst other things, that the risks of bullying online are far more important than worrying about the rare instances of adults soliciting for sex.
  • A chat with Fake Stephen Conroy | ZDNet Australia: What it says. Rather amusing, I reckon. And no, I am not Fake Stephen Conroy. But I have my suspicions about who it really is…

Here’s why the Director of Public Prosecutions (for American readers, read: District Attorney’s office) dropped the charges against The Chaser crew for their APEC security-breach stunt.


Image from The Chaser team arrest at APEC

News has just come through that charges against The Chaser team for their APEC security breach stunt have been dropped. Good, someone has a brain. Yes, they did enter the APEC security zone — but you, dear police and security forces, stood back and saluted as you waved them through the checkpoints.

28 April 2008 by Stilgherrian | No comments

I should also post a link to Bruce Schneier’s magnificent essay The Psychology of Security. A fantastic read. For similar material, check out his keynote speech at LinuxConf Australia last week.

11 February 2008 by Stilgherrian | No comments

When it comes to security, every desktop computer operating system is fundamentally flawed. Why? Because any software you run has the same permissions that you do. Anything you can do, they can do too — whether you want that or not.

Speaking at the AusCERT conference on Monday, Ivan Krstic, director of security architecture for the One Laptop per Child project, says the computing industry relies on “utterly obsolete concepts and assumptions” and has “massively failed when it comes to desktop security”.

The way modern desktop security works is by relying on the user to make informed and sensible choices on things they don’t understand.

The early personal firewall software was a classic example:

A dialogue would pop up and say ‘Hi, we’ve intercepted this packet with this TCP sequence number and these flags set, and SYN and FIN are both on, and here are the destination ports and the source ports and here is a hex dump of the packet. Allow or deny? What do you think?’. Who is that protecting? It’s protecting me, but I don’t need that kind of protection in the first place.

The Apple Blog was sarcastic when they reported Krstic’s speech — I suspect because arrogant OS X users think security issues don’t apply to them — so I posted a response
