Category: Opinion
-
PASSWORD MANAGERS, CRYPTOGRAPHY, AND TRUST
So, a friend* of mine asked me yesterday, (following my posting of an article), what I thought of a particular password manager – I obviously wanted to answer her question. I then decided that since I was in for a penny, I might as well be in for a pound and here we are, (hopefully) […]
-
UPnP – Why I don’t allow it on my Home Network
The UPnP protocol has a long standing history of security problems, not the least of which being that it allows unauthenticated devices to connect to and through your home network. TLDR; UPnP is a flawed protocol which has been leveraged numerous times to conduct widespread attacks via large numbers of insecure devices. Do not enable […]
-
Credential Security …again
So, with another major collection of user credentials being uncovered (and reported in the mainstream media), there is a slight increase in interest in people, their data, and the credentials they use. For those who may not yet have caught up with the news (or those reading this in the future and wondering which massive credential theft I’m referring to), this is the uncovering of the work done by ‘Cyber Vor’ who managed to snare around 1.2 billion (yes, with a B) unique user credentials.
-
Standing on the Wall
Today I was discussing the recent work by the New Zealand Police in bring a number of people up on charges for their part in an international pedophile ring. While I’ll save you from the details (you can do your own reading using this article as a starting point), some of the alleged offenses are […]
-
Expiring Passwords
Today there was a question pitched by one of the guys at work as to why we bother having such things as a password expiry / enforced change. My answer (in true Rob fashion), rambled a little (ok, a lot) but I’ve consolidated it below and made it generic to suit anyone facing the same […]
-
Authenticating Users – The Struggle to Raise the Bar
Interesting quote from an article that I was reading this morning: “When creating a patient portal that provides access to electronic health records, healthcare organizations must educate patients about the need for authenticating their identities, says Sharp HealthCare CIO Bill Spooner. […] Spooner notes that some patients have complained that the authentication method for its […]
-
Interesting developments in the connectivity world…
The Australian Government has just dropped the ban hammer on Chinese Telecommunications equipment company Huawei and it’s going to be interesting to see how this plays out across the Tasman here in New Zealand… Given the traditional “copy our West Island cousins” approach versus the “but they’re part of a free trade agreement” view of […]