Unscrewing Security

RSSSubscribe to this blog
About Author

Alec Muffett is a veteran security geek who believes strongly in common sense, full disclosure, defence in depth, privacy, integrity, simplicity and open source. He is an independent consultant, writer, and speaker specialising in security education.

Contact Author

Email Alec

Twitter Profile

Linked-in Profile


Recent Posts

Security Events To Watch: 44Con London Security Conference

Bowler Hat Briefings?

by

I've long thought that the UK needed a real security conference; for years we've had the booth-bunny fest that is Infosec where you get to see anti-virus pitchmen working the crowd like the guy at my saturday market vegetable stall;...

June 21, 2011 8:59 AM Read Full Post

Tags: 44con, conferences, dc4420, hacking, london, security

An indictment of humanity's woeful security...

Careful how you speak

by

I read articles like this and I fume: Only hours after embarrassing the CIA by downing its website, hacking jokesters LulzSec have issued another self-declared indictment of the Internet's woeful security, leaking a database of 62,000 stolen passwords and user...

June 17, 2011 1:49 PM Read Full Post

Tags: internet, lulzsec, security

Apple malware is a foreign country...

...they do things differently there

by

Picture this: some monstrous creature out of a fairy tale arrives at your house, knocks at the door, is let in, and abducts your wife away to the circus. What do you do? Well, if you're PCWorld or some of...

May 20, 2011 12:06 PM Read Full Post

Tags: antivirus, apple, malware, security, windows

Metricating (Cyber) Security

What's your yardstick?

by

A forensics friend - Jon Care - pinged me on Instant Messenger last night: Him: Do you remember your "Corporate Security Index", inspired by Dilbert?Me: Rings a faint bell. Did I write it?Him: You wrote "8.6" on a bit of...

May 13, 2011 3:23 PM Read Full Post

Tags: cybersecurity, metrics, security

The War On Information Access

If we can't ban it, we'll stop you getting at it

by

Information is only useful when it can be accessed at which point it becomes something entirely other - music, video, evidence, or even knowledge - and to do this there is a three-step process: You discover the information - by...

May 9, 2011 2:38 PM Read Full Post

Tags: censorship, dhs, firefox, ice, mafiaafire, security

The Security Backlog

All the stuff that I should have covered whilst wishing I was dead

by

Everything was going so well at Dunhacking, but a dodgy Brick Lane curry eaten at the a market stall whilst attending LinkedGov Hackcamp flattened your correspondent for 10 days, and since then the backlog has been too terrifying to address...

April 28, 2011 3:04 PM Read Full Post

Tags: android, bsides, cybersecurity, dc4420, hacking, iphone, security, tomtom

#practical #dropbox #security #advice

How about checking your security settings?

by

Everybody loves Dropbox - but I was wondering how long it would be before somebody posts an exposé - and thus Derek Newton writes in his blog: Under Windows, Dropbox stores configuration data, file/directory listings, hashes, etc in a...

April 8, 2011 9:38 AM Read Full Post

Tags: authentication, dropbox, hacking, panic, security, twitter, wisdomofcrowds

Like the Universe, Cyberspace is boundless...

...therefore might we spend an infinite sum of money on it?

by

Last Thursday I attended the British Computer Society Meeting the Cyber Challenges of 2012 conference. Over the course of the day there were some epic quotes - to give a flavour: "You have a cryptographic failure, and then the terrorists...

April 5, 2011 5:11 PM Read Full Post

Tags: bcs, cybersecurity, cyberwar, government, ocsia, security

Podcasts and Videos for the bored Security Geek

fill your brains with audio-visual security goodness

by

"So, you go to the gym and work out, listening to security podcasts... ?" "Yes, yes I do." "Mmm. Explains a lot." This week I have been thrilled to discover the RB2 AusCERT security podcasts from last year... and yes,...

March 28, 2011 11:13 AM Read Full Post

Tags: bcs, cybersecurity, cyberwar, exercise, security

Skype is great, but should you bet your freedom on its security?

"Answer hazy, try again later"

by

I should start with disclosure: on March 15th Privacy International (PI) posted a press release calling upon Skype to respond to what they call mounting security concerns regarding Skype's core product. I saw a draft of this press release because...

March 25, 2011 1:54 PM Read Full Post

Tags: certificates, china, cryptography, hacking, interception, security, sophos

[ Previous ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ continued on page 4 >> ]

Powered by the Pagination plugin for Movable Type