Some people are really not too happy with Silicon Valley’s monopoly on social media. There are some serious privacy concerns, and we’ve seen a massive migration from WhatsApp to Signal, and whatever you may think of the accusations against Parler, …
Mostly Unrecognized Immense Scale of SolarWinds Hack
I’m pretty confused as to why there is so little written in the mainstream news on the scale and implications of this latest, and by far the largest, one of many attacks on our network infrastructure, and by a state …
Advanced Security Headers
I have some great security headers on this blog, but they are added using a single checkbox on the Sucuri WAF (web application firewall) this site uses. This is what they look like:
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff…
Enumeration, Privacy, Security and the Law
There was a recent arrest of a 19-year-old in Halifax for “hacking” freedom-of-information releases from a government website, alleging he is guilty under section 342.1 of the Criminal Code, which prohibits unauthorized uses of computers “with intent to …
Governments are always wanting to break encryption
Every time governments try to break encryption on social media, and they are doing it a lot these days, they hold up an example, such as in this case “Sex Traffickers”, so if you dare question them, you are exposed as …
We could be doing more
There is a mostly unreported and unrecognised ongoing attack on our research institutes, commerce and infrastructure, massively damaging our successes in the western world.
US-CERT, the United States Computer Emergency Team, released an update (TA17-117A) last week from the …
WAFs -v- Endpoint Plugins
I’ve been reading some misleading articles on the subject of Endpoint vs Cloud Security, most notably this from Wordfence. Ironically, I have used Wordfence a lot; their free plugin is often my first choice as a recommendation for someone …
Reinventing the Web
We’ve seen some successful technical “reinventions” of the Web, such as HTTP/2 and HTML5, making sites faster and more responsive. This “Web’s Creator Looks to Reinvent It” initiative is not new, but I will come to that later.
There …
Enabling HSTS
HTTP Strict Transport Security is a very simple-to-deploy addition to HTTPS. It doesn’t enforce SSL itself, but it uses pre-populated lists, such as Google’s here, allowing client browsers to check, simply, that the site only delivers …
Using an SMTP mail relay to secure a network
Small businesses with Exchange Server or other mail servers tend to have their mail server physically located in their office (in a DMZ), which is great for performance and communicating with each other, but they tend to run all their …