Follow Us

Unscrewing Security

RSSSubscribe to this blog
About Author

Alec Muffett is a veteran security geek who believes strongly in common sense, full disclosure, defence in depth, privacy, integrity, simplicity and open source. He is an independent consultant, writer, and speaker specialising in security education.

Contact Author

Email Alec

Twitter Profile

Linked-in Profile


Recent Posts

Learning about Cybersecurity from an Unnatural World

Radio 4 on Security: Bio, Cyber or otherwise...

by

I was listening to the rerun of File On 4[1] this evening, and a chap from the FBI said something very sensible about Cybersecurity. Albeit the programme itself was nothing to do with cybersecurity and its tone was mildly hysterical...

February 13, 2012 12:00 AM Read Full Post

Tags: bbc, biosecurity, cybersecurity, fbi, police, security, terrorism

Digital Darwinism: Perspectives for Industry and Government

A term which will soon see greater use, but it would be nice for the nuances to be understood

by

A few days ago I spoke on a panel at PICTFOR - the Parliamentary ICT Forum - some writeups of which have been posted elsewhere; but a few days prior in preparation myself and some friends had the opportunity to...

February 10, 2012 1:35 PM Read Full Post

Tags: copyright, darwinism, filesharing, regulation, security

The Google Dialogues: Search Neutrality

Transparency is great; backseat regulation in the name of fairness, not so much...

by

Sometimes I feel that the primary differences between Socratic Dialogues and Strawman Arguments are that: a) the former are apparently respectable, but the latter are fallacious, and... b) everyone since 399BC is not Socrates I too am not Socrates -...

January 19, 2012 12:50 AM Read Full Post

Tags: foundem, google, parliament, pictfor, search engine optimisation, search neutrality, security

Merry Christmas - it's another Twitter XSS bug!

Festive fodder for Cybersecuritypseuds

by

Update: fixed now, less than 8 hours later. Isn't technology marvellous ? Recently Twitter bought TweetDeck, a provider of custom twitter-browsing clients which were popular amongst many Twitterati for dealing with bulk tweet-management. Twitter subsequently axed the main TweetDeck client,...

December 20, 2011 2:31 PM Read Full Post

Tags: security, twitter, xss

NetApp, Sophos join list of tech being used by Syrian state snoopers

"Dual-use" technology: who is meant to be the bad guy?

by

If you're in any part of the security industry you will know the phrase dual-use technology; it's the umbrella term for any technology that can be used for both "good" and "evil" from the perspective of whomever is speaking at...

November 4, 2011 12:02 PM Read Full Post

Tags: dual-use, interception, netapp, privacy, security, sophos, syria

#LondonCyber: our very own Star Trek conference

Billions and billions... shields to maximum until it's all over

by

So the FCO's London Conference on Cyberspace is here - and on Twitter - and you cannot have missed yesterday's press trailers: BBC Cyber attacks on the UK are at "disturbing" levels, according to the director of Britain's biggest intelligence...

November 1, 2011 1:39 AM Read Full Post

Tags: cybersecurity, cyberwar, gchq, home office, london, security, theresa may, william hague

Username: Google ; Password: 2bon2btitq

Passwords are hip again; but can we please just get past the "word" aspect?

by

Google are (in partnership with Citizens Advice Bureau) running a campaign about how to stay safe online, and to this end adverts are appearing in London tube trains explaining how to create longer, more memorable passwords, using an example from...

October 21, 2011 2:28 PM Read Full Post

Tags: advice, authentication, cryptography, google, identity, password, security, sso

Amazon, Google, the Platform and Security

An Ex-Amazonian Googler's justifiable hostility towards Security

by

A few days ago Steve Yegge posted a rant to his Google+ account with the intention that it would stay Google-internal. Oops. You can read the rant - now replicated all over the net, for instance YCombinator or mirrored back...

October 17, 2011 8:36 AM Read Full Post

Tags: amazon, architecture, design, google, google+, security, volvo

Jeremy Hunt requests Google become "Big Brother" on behalf of the British Government

DCMS demands freebie Googlespying, else "legislation will ensue"

by

Gadzooks! Here's the Telegraph article with my emphasis added: Jeremy Hunt, the Secretary of State for Culture, Media and Sport, is to tell Google and other search engines that they should play a greater role in the fight against online...

September 13, 2011 11:45 AM Read Full Post

Tags: copyright, dcms, jeremyhunt, security

Rare OSX 1Password flaw exposes plaintext passwords, password history

Bug rapidly caught and fixed, but users should check their logfiles for sensitive data

by

Sunday afternoon I was writing a CWUK posting using my Snow Leopard Macbook Air - plus Chrome, Safari, all the other usual suspects, as well as 1Password, a password-keysafe product from AgileBits. It's not clear what happened next, but as...

September 6, 2011 3:10 PM Read Full Post

Tags: 1password, osx, passwords, security

[ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ continued on page 2 >> ]

Powered by the Pagination plugin for Movable Type