Internet of Asymmetric Warfare

One of the most significant problems facing the tech industry today is that of securing the so-called 'Internet of Things' - the vast mishmash of network-enabled gizmos and tchotchkes that seem to be the primary focus of development efforts today. When there are APIs available for toothbrushes, the likelihood of other ...

more ...

Cui Bono?

The recent announcement by Google of a service to mitigate DOS attacks looks like a very definite benefit for small companies that don't have the resources they need in order to handle that kind of attack themselves. However, this is by no means a charitable offer - Google reaps very ...

more ...

Folksec

Information security is a difficult field. It's not only more than a little esoteric in how it works, but the conditions for 'valid' vs. 'owned' change often - much more often, at times, than most people's usual exposure to training for it.

This leads to some unfortunate consequences, where ...

more ...

Adama's Rule

Adama's Rule is a design principle for computer systems that, given the increasing prevalence of computers in traditionally non-computerized products, needs significant attention.

It can be stated thus:

Do not network anything that can kill you.

The name derives from the 'Battlestar Galactica' reboot, where the Cylons (malicious robotic ...

more ...

Brown Hat Security - A NetAdmin's Manifesto

This is my network. Anything inside this gateway is mine. Any traffic within this network only exists because I allow it. Any systems connected to this network are only there on my sufferance. Every frame on the LAN, whether wireless or wired, is there only because I have explicitly decided ...

more ...

Dangerous Technologies and the Propagation of Information

A recent article on the tracking of cellphones led to a discussion in my twitter feed about the use of private industry innovation by government, and the potential for its "misuse" by governments and those who are perhaps less ethical than those who are using these tools and techniques for ...

more ...