Categories
Crypto

blockchain & the future

This is the first of what I’m sure will be many posts on a technology that will come to define our digital lives in the coming decades. “The internet was originally supposed to be a democratizing force. It was supposed to to be, ‘Oh, everything’s going to be equal and even. We’re all going to […]

Categories
Security

RISK

this weeks musings….. Risk is a factor in absolutely every decision we make. Ultimately, in a business scenario,I feel its the company ethos, the company culture, that has a bigger impact than a mandate from management when considering IT risk. The majority of companies now absolutely depend on their systems. A large fractured struggling company […]

Categories
Privacy

PROTONMAIL & BITWARDEN

Inspired and educated by this weeks studies and my continued reading of Edward Snowdens autobiography I’ve signed up for some very cryptographically secure services for email and password management. PROTONMAIL I’d come across this as an alternative to Gmail (which scans every message, is very insecure and targets you with adverts) but its only now […]

Categories
Security

Attack Ideas

As part of our Information Security week we were asked to create a potential social engineering attack plan. Here’s mine based upon a researched template. What do you think?? ………………………. “WORDPRESS ECOSYSTEM HACK” The WordPress ecosystem is known to have security vunerabilities, (Link: https://www.freecodecamp.org/news/wordpress-vulnerabilities-you-need-to-know-about-and-how-to-fix-them-497a2d8b2c3e/), mainly due to users not updating to the latest version of […]

Categories
Privacy

SOCIAL ENGINEERING

Defined as: (in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. From https://www.lexico.com/en/definition/social_engineering Coincidentally I listened to a podcast at the weekend with Tristan Harris. Formerly Design Ethicist at Google, Tristan is a world-renowned expert on how technology […]

Categories
Uncategorized

PowerShell & Hashing #234grf#dfknsd#

Want to try some hashing? 🙂 This from the NSA! SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA).They are built using the Merkle–Damgård structure, from a one-way compression function itself built using the Davies–Meyer structure from a (classified) specialized block cipher. From Wikipedia @{Algorithm=SHA512; Hash=979749F8518909E46D4FAD54EED5E16DB8E644DD061370DEE715D4310E42B68BBB37E1D6F7B668D9E625BCC4212179689C9544E88848651CA54151E7BDF27E74; Path=C:\Users\********** This is the output of running […]

Categories
Privacy

Aldous Huxley & Facebook

A brilliant piece of commentary I came across while researching privacy: (link to article here in FT) One particular area of Huxley’s prescience concerned the importance of data. He saw the information revolution coming — in the form of gigantic card-indexes, true, but he got the gist. It is amusing to see how many features […]

Categories
Uncategorized

Kleopatra Encryption!

Heres the link to a tool that lets you encrpt messages and files. We played around with it a little this week at Noroff. Here’s another link that gives you a nice walkthrough of getting started. As an avid user of WhatsApp and Signal, learning about the basics of encryption has been quite interesting! Even […]

Categories
Uncategorized

why blog?

I really enjoyed reading the Andrew Sullivan piece on blogging culture, highly relevant despite a puplication date of 2008. He is very articulate and for me personally highlights the key value proposition of reading a personal insight on a blog over a carefully scripted newspaper article. Highlights include: “It is the spontaneous expression of instant […]

Categories
Uncategorized

GIBBS CYCLE

The Gibbs cycle creates a powerful framework for coaxing out your feelings and emotions at each step rather than relying on a generalisation. The line of reasoning your are forced to answer with, generates a clearly defined action plan. Here is my attempt at using it! Description  Over the winter, via netstudy, I took a […]