Archive

Author Archive

IOS8 Security – Apple take the high road?

September 26, 2014 Leave a comment

Jonathan Zdziarski posted an interesting blog last week detailing some of the changes in IOS designed to improve security, and reign in accessibility of data in the new IOS 8 release.

Historically, it’s been possible for legitimate law enforcement groups to pressure Apple into unlocking devices – Much like data requests sent to ISP’s about your browsing and network habits, Apple (and Google et all) were able to unlock “confiscated” devices so detectives could search them for incriminating evidence.

IOS8 makes that somewhat harder and puts Apple (and Google) squarely against what Law Enforcement and Governments want.   Read more…

Categories: Cryptography Tags: , , ,

Apple watch – fanboy’s delight?

September 11, 2014 Leave a comment

watches

Apple watch – ah, I am so torn. For those who know me, I have a LOT of watches. In fact, not only do I wear a different one every day, most days I wear two or three..

I have a Pebble – I love it, but I just can’t wear it with a suit, or while diving, or while smashing down a wall, or while using an air chisel, and all the many other things I’m not meant to do.

I also have an iPod Shuffle in a Lunatik Lync strap – now that one I loved, really because of all the different faces – but, it’s not waterproof, and it’s not automatic, and it doesn’t match what I’m wearing, the face only shows when you press a button and, well just sometimes you have to wear an Omega, or a Seiko etc.. Read more…

Categories: Uncategorized

Microsoft vs NY State – Stalemate, or fiasco continues?

September 8, 2014 Leave a comment

ny court

vsmicrosoft

Following on from the July report of the Southern District Court of NY’s attempt to compel Microsoft US to hand over personal emails from a server controlled by Microsoft Ireland, physically in Ireland (really!), Today Microsoft voluntarily offered themselves to be in contempt of court.

Ie, they know they’ve not done what the court asked, and they don’t intend to.

Bloomburg gave a brief summary of the event –  which is a follow on from the July storyRead more…

Categories: Privacy Laws Tags: ,

Microsoft vs NY Court’s data request. A turning point for privacy?

July 31, 2014 1 comment

ny court

vs

microsoft

An interesting case brewing courtesy of Microsoft and the Southern District court of NY reported by The Register this week

Here, we have a court order from NY requesting Microsoft produce some emails from a server physically located in Ireland, and managed by a local Irish Microsoft subsidiary.

While there is long standing and well understood that company records stored oversees must be delivered on demand, for example Microsofts financial records across the world would have to be delivered to a court requesting such, the law is a little less clear when it comes to data not strictly owned by a company, yet managed by it.  Read more…

Simplifying Security – An Interview with SC Magazine

A recent video I filmed while on a press tour of the east coast – Dan Kaplan of Secure Computing Magazine was kind enough to interview me and ask me questions about why securing IT is so complex.

Categories: Security/Exploits

Decrypt Full Disk Encryption products for $299 – Well, it got cheaper at least

December 21, 2012 Leave a comment

Many people have contacted my team and I over the last few days about the recent announcement by ElcomSoft, that they offer a tool to decrypt Bitlocker, PGP and Truecrypt volumes.

This $299 tool is advertised as getting you access to this encrypted data quickly and easily…

Now, this may sound exciting, but as they say, there’s always a catch – you need a memory dump from the machine from when it was authenticated to use this tool – yes, no recovery if you find a cold machine. You have to get access to it while it’s on and the user has logged in, then, after they switch it off, you can recover the data..

Sounds familiar? Well it should, it’s exactly the same idea Passware.com released to the world back in 2010 – I even blogged about it then… Read more…

The Connected Home – Introducing the McAfee Little Red Box

November 6, 2012 1 comment

This will be old news to those of you who took the time to visit McAfee Focus 2012 , but for the rest – my team took the opportunity to introduce the concept of the McAfee “Little Red Box” in the Innovation roadshow.

It’s a prototype project that my team has been working on for some time now, and will go some way to answer the need to protect all the connected devices in your home. 

My house is the classic connected home – I have the usual assortment of PCs and laptops that build up over the years, some relegated to the role of photo frame, others scattered around for occasional browsing and email use. There’s also the odd real photo frame (wirelessly connected to a media server of course), and on that topic, numerous Playstations, XBoxs, and other gaming consoles that my family enjoy.

If that wasn’t enough IP connected equipment, you can add into the mix more than one of every Apple device made – iPads, iPhones, Apple TV’s, even an Apple Mini, oh and a few Samsung internet connected TV’s as well.

I often jest that I have an internet-toaster, but I don’t. My wife thought about buying an internet-fridge, but the fact it didn’t support wireless put her off.

I must be forgetting something, as my router DNS server regularly gets maxed out – oh yes, I have Sonos  throughout the house as well, and also a few Apple Airport Express wireless repeaters.

You don’t come to my place if you’re sensitive to EMF… Read more…

Follow

Get every new post delivered to your Inbox.

Join 213 other followers