Dangerous Technologies and the Propagation of Information

A recent article on the tracking of cellphones led to a discussion in my twitter feed about the use of private industry innovation by government, and the potential for its "misuse" by governments and those who are perhaps less ethical than those who are using these tools and techniques for ...

more ...

Brown Hat Security - In Defense of Hard Deadlines

Security researchers inevitably have a conundrum when it comes to disclosure of vulnerabilities. On the one hand, if they try to do the right thing, they may suffer any number of legal penalties as uncooperative vendors or operators, resentful of the researcher's activities, seek to prosecute rather than patch ...

more ...

Brown Hat Security - Moving Targets

Security is a constantly moving target. There is no case where a given system can be presumed to be "secure" - information security is a process, not a goal. Even the best secured system will be vulnerable to new research over time: those who want to attack systems to extract information ...

more ...

Brown Hat Security - Attack Surfaces

To secure a building, you need to lock and alarm windows and doors, and restrict the capability of people to enter and exist to a known, monitored entrance. Information systems require the same kind of care and attention, though they frequently do not receive it.

Many home and business systems ...

more ...

Brown Hat Security - Weak Links: URL Shorteners

URL shortening services are a ubiquitous part of the internet now, with everyone and his brother coming up with a way to contract long addresses into something shorter and more suited for entering into a tablet or mobile phone. Unfortunately, this convenience comes at a cost, and some bad actors ...

more ...

Brown Hat Security

This is a test of Pelican.

more ...