Things I recently hearted

The folk at Cloudflare posted a blog post detailing the trouble with Tor, citing a trade-off needed between security, anonymity and convenience.

Reddit has removed its warrant canary from its transparency report for 2015. It can only mean one thing – investigators are after user data and Reddit is gagged from openly discussing the matter. It will be interesting to see how the warrant canary holds up in court if addressed.

If you have a dog, don’t name it Dash, or it could cause your bank to have a meltdown!

Not a week goes by that we aren’t treated to another dose of ransomware. There is an interesting article in Wired about why hospitals are the perfect target for ransomware.

Playing games with an attacker: how I messed with someone trying to breach the CryptoWall tracker

How one programmer broke the internet by deleting a tiny piece of code.

Unaoil: The company that bribed the world is a very interesting read around corruption in the global oil industry. What I found particularly interesting was how there appeared to be a systematic breakdown of the controls and checks put in place to detect this kind of activity.

Like: A short video that touches upon a thriving ‘pay for likes’ click-farming industry in Bangladesh.

Troy Hunt, the Crocodile Dundee of IT Security, believes the world needs more stupid security researchers!

Unexpected security issues and unpleasant surprises, a blog post by Dave Lewis.

Dar-WIN or LOSE: The anthropology of Security Evolution: video of an interesting 15 min talk by Davi Ottenheimer at RSA. It raises some interesting questions on whether the lack of a cyber ethics framework stands in our way.

Someone made the claim that one firm’s pen testers each make over $1m annually. My former colleague and analyst Adrian Sanabria broke down the maths to see if it really is feasible.

Not all hackers are evil, an opinion piece by Katie Moussouris in Time Magazine on the government’s need for hackers.

A better offer letter is a post by eShares which explains how they structure clear offer letters for their employees. I wish more companies took this kind of approach.