Is a bitcoin investor unknowingly supporting illegal drug trade and child pornography? Do the drawbacks of using cryptocurrency exceed the advantages to society at large? This is a topic that no one talks about. The ethics of cryptocurrency. To even begin to think about the ethics of cryptocurrency, we will need to know a little […]
2017 – The year in Infosec Should I continue to call it Infosec? Or should I change with the times to call it ‘Cybersecurity’? Whatever the name, 2017 was an interesting year for information security or cybersecurity or whatever you choose to call it. Here are a few things of note that happened: This is […]
A look at what happened in infosec in 2016. An analysis of the key areas where there was action and a wish list for 2017.
Governments should be allowed to use all means possible to break into systems with proper protocol being followed. However asking to reverse the march of technology and asking to deliberately create weaker technology is a definite no-no. Apple and the FBI need to figure out a solution that works without having to insert vulnerabilities. Removing time-outs from pin locks does constitute deliberate insertion of vulnerabilities.
Passwords are easily the most talked about infosec control. Perhaps the simplest concept the explain and surprisingly hard to implement well. Allow a user to keep any password, without restriction, and she will keep her username as the password. Add complexity requirements and she will write it down. Infosec professionals take every possible measure to […]
The Websense security labs is out with its predictions for 2015. You can download them here: http://www.websense.com/content/2015-predictions-report.aspx Websense has made 8 predictions for this year. Please read the report for details. Here, I try to analyse them in the Indian context.
It is difficult to imagine a time without TrueCrypt. I do not even remember how I first got to know of TrueCrypt. I remember, however, moving the mouse randomly to create a new container. Young and foolish at that time, I thought it was a gimmick – not knowing that random number generation can be […]
The dust seems to be settling over the Heartbleed storm. Questions have been asked and answered. The experts and the newbies have voiced their opinions. This, I feel, is a good moment to answer those little questions that we have always been meaning to ask, but feared being thought of as stupid. Here is my attempt […]
Yet another year goes by in the infosec world. This is probably my first year of regular blogging. By regular, I mean at least one post a month (as opposed to the promised one post a fortnight!) Rather than think of anything new at this time of the year, I thought of going with the […]
God controls the averages, not the individual. I was impressed by this line when I read it in Scott Adam’s brilliant book – God’s Debris’. I could almost imagine God to be looking at data and tweaking it (like a benevolent central banker) to control the averages. Too many people? Hmm…. Increase lifestyle diseases. Too […]