A few posts back, I described how Open Netware had developed router software for private and secure web surfing, leveraging TOR, OpenDNS, and DNSCrypt. At the time, installation of their software on supported routers required an Android app. A simple process, but still requiring enough tech savvy to scare off some potential users. It also voided the router’s warranty. Open Netware has gone a step further by providing pre-installed routers that are basically plug and play. …
Blog Posts
It’s proven, you know… the longer you wait to implement security in the software you develop, the more expensive it becomes to implement the right security. Adding security after bugs have been found by QA or your product has shipped means you have to redesign and recode; more work, more expenses. Whereas, if as early as product conception your team performs secure design reviews and threat modelling, developers will naturally Think Security while coding; Secure Coding. …
Wouldn’t it be cool if you could easily run vulnerability scans on any website from your local machine without compromising or revealing your identity? A few weeks ago I ran an approved website vulnerability scan using ZAP. For some reason the scan caused/coincided with some performance issues on the target server and sysadmins traced some of the ‘interesting’ traffic to my machine. So I thought, what if I had run that scan through TOR? …
Ransomware is a variety of malware that encrypts the files on an infected machine until a ransom is paid, usually via Bitcoin. Over the past year ransomware has increased on PCs and has spread to mobile devices. Most recently, ransomware is also being deployed on web servers, effectively taking websites offline till the owners pay up. Vulnerabilities in different web application plugins are often used as entry points. The average website uses lots of plugins from different third-party developers. As …
Cybersecurity has become everyone’s business, as is evident in the popularity of the critically acclaimed TV show, Mr. Robot. Yesterday, I mentioned Mr. Robot to one of the few colleagues of mine who hasn’t seen it and he asked: “You mean there is a TV series about Cybersecurity and the main character is a hacker?”… You better believe it :) …
In an earlier post, I described 5 rules software users can follow to select secure passwords. Trust is a two-way street. Software developers expect users to select strong passwords and likewise, software users expect their data (including passwords) to be stored securely by software vendors. There never seems to be a wrong time to talk about this considering the almost constant trend of data breaches. One of the latest of those occurred at UK broadband and telecom provider TalkTalk earlier …
The internet has become a pseudo focal point of human existence. The interconnectedness of the web and the services it offers presents us with something akin to a double-edged sword. On one hand, we enjoy the ease of interacting or transacting from anywhere in real time. On the other hand, we are exposed to a loss of privacy as web service providers and governments access information that we provide knowingly or otherwise. We are also exposed to security risks from …
Passwords, we don’t like them very much, we don’t enjoy using them, and they seem to get stolen quite a bit. Despite the existence of biometrics, and other multifactor authentication mechanisms, passwords are still very much around. Since we are still stuck with passwords, how can we use them securely? Here are five simple rules: …
In Cork and in all of Ireland, the IT revolution keeps gathering steam and shows no signs of slowing down. Ireland’s corporate tax most likely played a part in incentivising tech powerhouses to set up shop and the government’s support for small businesses through agencies like Enterprise Ireland has been great for startups nationwide. I’m also willing to bet that a lot of the startup energy rocking the nation is down to local talent, some of whom are skilled …
I got a chance to explore Black Hat for the first time about a month ago. No, I don’t mean the movie which I can proudly say I am yet to watch. Yes, I mean the real thing. It was Black Hat USA 2015, an information security conference in Vegas and it was an ‘interesting’ experience. Black Hat is touted as the most technical and relevant global information security event series in the world. For more than 16 years, Black Hat has provided attendees …