blogs

To accompany recent research into the security of common Internet Service Provider (ISP) routers, we lament the current state of security in network devices, both personal and enterprise.

Prompted by an oldish Microsoft blog about how too many people focus on password complexity, this blog discusses how much passwords matter for security, relative to other protections such as MFA and Password Managers.

I’ve been using both the second version of the Windows Subsystem for Linux (WSL2), and the newish Windows Terminal for quite a while, and thought it’d be useful to collate some tips and tricks on them all into a single blog.

Looking forward to 2021, I wanted to write an article not about the FireEye breach or SolarWinds Orion supply chain attack (enough of that has been written), but about what we as in the Cyber Security industry can do about it. The change required is an important and fundamental one.

Let’s be honest, 2020 will not be remembered fondly by many people. Having celebrated its passing, let’s have a quick look back on the big cyber security events and trends that happened over the year

A couple of weeks ago this Microsoft announcement about a new hardware security module came out without much fanfare, even though it could represent a big change for the security of new Windows devices. This blog provides some background on the use of dedicated hardware security modules in different platforms, and highlights their relative weaknesses and advantages.

Running a Kubernetes cluster doesn’t have to be expensive. In this article I discuss how I’ve set up a Kubernetes cluster that is affordable for personal projects.

Introduction Apple code signing has been in the news lately, with the new macOS update having initial problems, as well as adding extra steps for developers building software. Code signing and application permissions on Apple devices both rely on the Mach-O format, which is used for executable files on both macOS and iOS. This blog provides an overview of the structure of Mach-O binaries, and how they implement code signing and application permissions.

Taking new technologies and overlaying them on today’s practices isn’t enough. Companies must undergo a transformation, a ‘digital transformation’, in order to fully reap the rewards. The adoption of the dynamo, a disruptive technology of the 19th century seen through the eyes of a victorian engineer, provides an insightful analogy.

Is £20M an appropriate fine for British Airways from the ICO for the 2018 hack that exposed the personal data of hundreds of thousands of people, including credit card details?