Information Protection Explained
This is a really cool comic explaining security – just enjoy here.
Roger
RSA and the NSA Crypto-Backdoor – Interesting Times
Interesting times… We all know that creating a truly random number generator to base crypto keys on is one of the most difficult tasks in cryptography. Back in September, the New York Times announced that NSA has a backdoor into encryption implementations (see here) and later that NSA wrote a widely used random number generator…
DetailsThe Impact of the Snowden Case on Security
Whenever a new Snowden document is released, a new wave of discussions in the press ramps up. Discussions about governments spying on each other and on citizens. However, there is another interesting aspect, which we need to look at in my opinion. Edward Snowden, a contractor for the NSA, left the buildings with a lot…
DetailsDid you know? – impressive stats
I was in a training today, where the trainer showed this video, I wanted to share with you. Really impressive stats, which makes you think about the world we are living in and the world our kids are growing into:
Roger
Indicators of Compromise – think the business way
Over all the years in security, there are a few problems, which land on my desk over and over again. One – as an example – is how to really, practically assess risks, one is how to measure security and one is event correlation. I know that tools are sold for each of these problems…
DetailsHow secure are your Apps?
Swisscom just published an app called CheckAp to help you understand your exposure on your phone. It helps you to look at what the different apps want to access on your phone like GPS, camera, contacts etc. Basically you can get the same kind of information in the app stores. However, depending on the platform…
DetailsIf something is free – you are the product!
If you look at the press and the discussions on the web a lot of people complain about the use of their data by service providers. Personally, I am convinced that certain companies stretch their interpretation of privacy further than they should because they can afford it based of the position they have in the…
DetailsImportance of Nicknames in Cybercrime
Trust is a key – even in the underground economy. However, it is hard to establish – even worse in the underground economy. In the real world, we get together and I start to get to know you. I can see you and over time decide whether we can trust each other or not. In…
DetailsRussia spying as well?
The whole discussion about NSA and Mr. Snowden sometimes gives me the impression the people think that the US is the only one which spies. Well, let’s think again. You might have seen the reports: Russia ‘spied on G20 leaders with USB sticks’. They actually used an interesting approach by handing out complementary USB sticks…
DetailsMalware Infection in the International Space Station
Eugene Kaspersky made it clear very often: Everything is at risk (and the world is going to end unless we use very secure and dedicated Operation Systems). I would guess the ISS is very well protected and has kind of an air gap – at least when in space as the transmission might not be…
DetailsSecurity Focus
When I look at security organizations, I often seem them doing everything but mainly focusing on governance and compliance. The key question from my point of view is often: Where does security add value? Why should the business (besides compliance to laws, regulations, policies and common sense) even focus on security. If we try to…
DetailsbadBIOS Malware – a Hoax? I hope so…
On Friday arstechnica published a longer story on Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps. The author talks about a virus/rootkit discovered by Dragos Ruiu, (organizer of CanSecWest and PacSec). The plot looks like a bad Hollywood movie. He describes strange behavior of machines that are completely new, setup from scratch,…
DetailsMan-in-the-Middle Attack through social networks
This morning I started to read the classical security sources again and found this article: LinkedIn ‘Intro’duces Insecurity. I started to read without too much interest until I reached this point: Intro reconfigures your iOS device (e.g. iPhone, iPad) so that all of your emails go through LinkedIn’s servers. You read that right. Once you…
DetailsBack online ;-)
It is not that there were no themes to blog about. It was much more that I had the great opportunity to take a few weeks off between my work at Microsoft and the start at Swisscom – and there was not too much room for work during that time. I really had time off…
DetailsHow bad is the iPhone fingerprint hack?
I guess you have seen this in the meantime: Chaos Computer Club claims to have “cracked” the iPhone 5s fingerprint sensor. It has been all over the press especially because it happened within a 48 hours window of the launch. I think that there are two things to consider, when you look at all the…
DetailsTime to move on – Ready for my next adventure
The ones who regularly read my blog know, that I am absolutely convinced that we need to change in the security industry in certain ways: We need not only to position security as a business enabler but we need to live this. The point I made numerous times was that IT is here to help…
DetailsUsing the Cloud to solve business problems in today’s world
I often get asked by customers how I see the cloud in today’s environment. Honestly, I do not see it differently than I did an year ago. If I look at security in general, I see three challenges, which shape my mind: Most investments go towards protecting the infrastructure, whereas most attacks are successful on…
DetailsYes, it is still me
Yes, you are still on the right blog. Things change and one of these is my blog design (the rest I will communicate in due time).
Roger
Making Sense from Snowden: What’s Significant in the NSA Surveillance Revelations
I do not want to comment this but it is a fairly interesting article on Snowden’s Revelations, the consequences and the legal frameworks. Definitely worth spending the time: Making Sense from Snowden: What’s Significant in the NSA Surveillance Revelations Roger Related articles FAQ: 5 Things Known and Alleged About NSA surveillance (sallyannfredericktudor.wordpress.com) Snowden: UK Government…
DetailsCareful, when Microsoft Support is calling
I guess you are aware of the phone scams, when Microsoft support is calling you to tell you that you have an issue on your computer, which needs to be fixed. A Norwegian team was actually able to film that. The whole conversation with the “supporter” is in English (the rest in Norwegian) and is…
Details