Categories
For Infosec professionals Infosec for everyone

The ethics of bitcoins and other cryptocurrencies

Is a bitcoin investor unknowingly supporting illegal drug trade and child pornography? Do the drawbacks of using cryptocurrency exceed the advantages to society at large? This is a topic that no one talks about. The ethics of cryptocurrency. To even begin to think about the ethics of cryptocurrency, we will need to know a little […]

Categories
For Infosec professionals Infosec for everyone

2017 – The year in Infosec

2017 – The year in Infosec Should I continue to call it Infosec? Or should I change with the times to call it ‘Cybersecurity’? Whatever the name, 2017 was an interesting year for information security or cybersecurity or whatever you choose to call it. Here are a few things of note that happened: This is […]

Categories
For Infosec professionals Infosec for everyone

2016 – The year in infosec

A look at what happened in infosec in 2016. An analysis of the key areas where there was action and a wish list for 2017.

Categories
Infosec for everyone

The Apple encryption saga…

Governments should be allowed to use all means possible to break into systems with proper protocol being followed. However asking to reverse the march of technology and asking to deliberately create weaker technology is a definite no-no. Apple and the FBI need to figure out a solution that works without having to insert vulnerabilities. Removing time-outs from pin locks does constitute deliberate insertion of vulnerabilities.

Categories
For Infosec professionals Infosec for everyone

The quest for good passwords

Passwords are easily the most talked about infosec control. Perhaps the simplest concept the explain and surprisingly hard to implement well. Allow a user to keep any password, without restriction, and she will keep her username as the password. Add complexity requirements and she will write it down. Infosec professionals take every possible measure to […]

Categories
Infosec for everyone

Websense 2015 Predictions and India

The Websense security labs is out with its predictions for 2015. You can download them here: http://www.websense.com/content/2015-predictions-report.aspx Websense has made 8 predictions for this year. Please read the report for details. Here, I try to analyse them in the Indian context.

Categories
Infosec for everyone

The mysterious disappearance of TrueCrypt

It is difficult to imagine a time without TrueCrypt. I do not even remember how I first got to know of TrueCrypt. I remember, however, moving the mouse randomly to create a new container. Young and foolish at that time, I thought it was a gimmick – not knowing that random number generation can be […]

Categories
For Infosec professionals Infosec for everyone

The HeartBleed FAQ

The dust seems to be settling over the Heartbleed storm. Questions have been asked and answered. The experts and the newbies have voiced their opinions. This, I feel, is a good moment to answer those little questions that we have always been meaning to ask, but feared being thought of as stupid. Here is my attempt […]

Categories
For Infosec professionals Infosec for everyone

Top 5 posts on PracticalInfoSec – 2013

Yet another year goes by in the infosec world. This is probably my first year of regular blogging. By regular, I mean at least one post a month (as opposed to the promised one post a fortnight!) Rather than think of anything new at this time of the year, I thought of going with the […]

Categories
For Infosec professionals Infosec for everyone

Life and Probability

God controls the averages, not the individual. I was impressed by this line when I read it in Scott Adam’s brilliant  book – God’s Debris’. I could almost imagine God to be looking at data and tweaking it (like a benevolent central banker) to control the averages. Too many people? Hmm…. Increase lifestyle diseases. Too […]