SSL isn’t hopelessly broken, but the widespread use of TLS 1.0 means that SSL cannot be regarded as fully “secure”

Róbert Lipovský and I put our heads together and posted a joint article to SC Magazine’s Cybercrime Corner on “Dead Certs?”

As you might expect, I don’t by any means agree that AV is a dead parrot, though I’m not going to claim that it detects everything (or anywhere near that) either.

…but it doesn't necessarily want you to be free. Since Cameron Camp and I have written here and here about the implications of the UK government's meditations on curbing civil unrest by curbing social media services, it's interesting to see that the estimable Kim Davis, who previously categorized UK Prime Minister David Cameron's pronouncements as bluster, has also

You may be aware that Cameron Camp and I regularly write articles for SC Magazine's Cybercrime Corner: here here's a catch-up list of the most recent, in the hope that you might find them of use and interest. At any rate, it'll give some idea of the range of content covered. Ten years later, still the same

…I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog…

What we’re lacking here is a clear differentiation between types of “hacktivist” or, indeed, “activist”: much of the commentary that’s around at the moment seems to assume that all hacktivists are the same.

“Infrastructure Attacks: The Next Generation?” now includes the speaker notes, which hopefully makes it more interesting and useful.

…the ‘next Stuxnet’ probably won’t be any such thing, whatever we may choose to call it…

In the absence of any detailed information from the IMF itself, it’s not surprising that most of the surmise around the attack is based on internal IMF memos quoted by Bloomberg, and much of it is rather tenuous.