Online Safety

A couple of weeks ago, I ran a highly unscientific survey on twitter. Asking what advice would people give to children about security. The response was overwhelmingly in favour of educating them to be cautious online, not trust people and generally be paranoid. Other comments were more along the lines of teaching them not to … Continue reading Online Safety →

Forgotten Passwords

What do you do when a user forgets their password. There are a number of different approaches that can be taken. For an internal user within an organisation, it usually means having to phone up the helpdesk. But where an application is public-facing, running a helpdesk is usually cost-prohibitive therefore, self-service functionality is provided. The … Continue reading Forgotten Passwords →

Selling FUD

Some security professionals, be they consultants or vendors have made a healthy living by selling off the back of fear, uncertainty and doubt. This short video is a tribute to all the FUD’sters out there.

Don’t encrypt passwords

Encryption passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper.

Secore.Info

Whilst Girl-Cynic is recovering from her chicken-pox, Marisa Fagan kindly dropped by from across the pond to talk about secore.info You can stalk Marisa on twitter, http://www.twitter.com/dewzi

Happy New Year!

Hope you all have a great year ahead of you and despite how bad things may seem, you can always tap into your inner child and have some fun!

New Year Resolutions

New Years is nearly upon us and we all like making resolutions that we know we probably won’t keep. January will see all the gyms hand out 3 month free contracts which the masses will sign up to and by February tumbleweed will be blowing across the treadmills. Plus we’re pretty lame and aren’t very … Continue reading New Year Resolutions →

Password Protecting Presents

This is the last vlog of 2011 and I’ve proven many doubters wrong that I wouldn’t be able to stick to a weekly vlog schedule till the end of the year. I myself was one of the doubters and placed a bet against myself. So, in a bitter-sweet turn of events, I owe myself a … Continue reading Password Protecting Presents →

Hitting the big time

I think I can officially say that I've hit the big time. Twist & Shout selected me for my ravishing good looks and acting skills to be their CISO elf in their video. Then Bruce Schneier linked http://www.schneier.com/blog/archives/2011/12/santa_hacked.html to the video saying that it was "Mildly Amusing". Of course, those close to Brucey will say … Continue reading Hitting the big time →

A look at Infosec Island

Rather than giving a security roundup or predicting future security trends for 2012, I thought it a good idea to look at some of the security bloggers over at http://www.infosecisland.com over the course of the year.