Skip to main content

Posts

Shooby Shooby Do Yah ... now Google ... Turn Bill's Lights Off

Introduction I drove from Edinburgh to Glasgow last and had a merry chat with my car companion. A s I was driving I asked them to "Play Banana Republic by the Boomtown Rats on Spotify", and then asked, "Tell me the latest tech news". But I was alone in the car, and every command began with "Okay Google". I must admit when a great piece of useful technology comes along, I love it. There is no button to press, and there is no looking at the screen, and it works beautifully. All I have to do is match my sentences to the ones that my Google Assistant understands. For just now we are in a learning phase, and she is learning from me, and I'm learning from her. The world, as far as I can see it, is moving towards one which has Alexa, Siri and Now Google embedded into it. I believe this will become one of the greatest steps forward in the true integration of technology and humans. But, on the other side, we now have a little spy in our pocket, and s
Recent posts

Face Recognition at Public Events: Big Brother or Catching Criminals?

Introduction So did George Orwell actually predict the future of the Cyber Age with his 1984 book? In his book, George projected a state which observed its citizens, and where there was no hiding place. He could see a time of TVs on the wall which could talk to you, and for the citizens to be watched for everything that they did. Perhaps he could see a world where our Cloud Service providers ... Google .. Facebook ... and so on ... continually monitoring our activities? Obviously, in 1948, when he published it, the use of technology was not quite developed as it is now, but  perhaps we need to examine our current move towards the observation of crime through technologies such as face recognition. On the back of Internet records in the UK being monitored without a warrant, we now see that citizens may not be free from observation when they attend even something like a football match. Monitoring faces A number of police forces in the UK have been trying face recognition in

Getting Ready for the All Clear for Backdoors?

Introduction As GDPR heads towards an increasing application of encryption, the US may move towards legislating for a backdoor on crypto - named "responsible encryption". The justification revolves around cases such as for Syed Rizwan Farook who open killed 14 people in San Bernardino. Within the investigation, the FBI put considerable pressure on Apple to open the phone, but they refused. After this, the US government pushed through a court order to force Apple to produce a new operating system which could be unlocked, and again Apple refused and said that it was "a threat to individual liberty". Many now see strong encryption as the key weapon in a battle between perfect encryption and a Big Brother society, and where civil liberties are the ultimate target. And so to soften the tone of the debate, the term exceptional access was coined. Clear While President Obama dismissed the application of backdoors into crypto, it is now being pushed forward within the

Twitter Password Reset and Media Panic Stories

  Introduction The Twitter data breach showcases the possible up-and-coming storm from the media on data breaches, especially that it still struggles to understand some of the technical elements involved in a breach. With the Facebook/Cambridge Analytica story making the news headlines, the media now know that they have a technically-related topic that the general public are interested in. And so Twitter is the most recent major Cloud Service Provider who has hit the headlines: So many in the media this was pushed as a major story, but it was just a typical story of someone making a mistake and which was quickly righted. The chances of any related data breach is minimal as it was only an internal processing mistake. For most companies the error would go unreported external, but in the days of the media chasing for cover-ups and evidence of bad practice, Twitter did the right thing and reported it. The media, of course, go for shock headlines, and which can panic users (and sha

UK MPs Finally Wake Up To The Cyber Age?

I know when something is brewing when my phone starts to buzz with "Number Withheld", and that it's the news media looking for leads. And so it was the information that the UK Parliament was under a “sustained and determined” attack for the email accounts of MPs and associated staff. It started on Friday, and they targetted accounts which had weak passwords, and led to a lock-out on the affected accounts. Remote access to email systems was also disabled. Basically, it was a Hydra account on the email server: It seems that with the IPB (Investigatory Powers Bill) and the targeting of backdoors in cryptography that MPs are finally realised that we live in an Information Age ... and the days of the Industry Age are receding fast. Jeremy Corbyn even stepped on a Glastonbury stage and announced: “I think [this] indicates just how vulnerable we are to cyber-attacks and our cyber-security. We need to be investing in cyber-protection – it is a huge issue. We all re

The Domain Reminder "Scam"

Introduction You may know that I often follow-up on scamming emails, in order to investigate the true motive for their attempt. So here I would like to outline a scam which looks fairly passive but tricks the user in its usage of wording. The Scam First the scamming company search DNS records and locate a domain which is near to timing-out and gain the email address of the registered person. Next they draft an official looking email which looks like it knows lots of details about the domain and account holder, and which warns them about a domain which is expiring: But the wording is strange here, and there's nothing illegal in what they are offering. In quickly reading the email, it seems that they are warning you that your domain is expiring on 28 June 2017, and that it will be cancelled . But read more closely ... it is their offer of the SEO registration that will be cancelled on 28 June 2017! This is the same date as the domain is actually going to time-out, so they

Ministry of Computing

Part 1: It Begins Preface With the newspapers full of large-scale data breaches, where each one was larger than the last, no-one ever thought it would be Tom McKinnon, the Chief Security Architect at the Ministry of Computing, that would go down as the person who would create the most devastating breach of all. Hack-a-day The security operations centre within the Ministry of Computing contained many screens showing traffic flows and security alerts. Its coloured coded traces had been designed for the human operators to detect major intrusions, and where green showed that all was good; amber defined a change; and where red identified the colour of danger.  The analysts had perfectly tuned their eyes to the scrolling charts and text feeds, and could instantly see the seeds of attacks. They were the experts in finding not only a needle in a haystack, but also a pin-prick on the Moon.  The place ran on normality - using signatures of well-known intrusions -  and on abnormality