20 September, 2019

Friday Squid Blogging: Piglet Squid

Another piglet squid video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines…

20 September, 2019

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Earlier this month I made fun of a company called Crown-Sterling, for...for...for being a company that deserves being made fun of. This morning, the company announced that they "decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer." Really. They did. This keylength is so small it has never been considered secure. It was…

20 September, 2019

A Feminist Take on Information Privacy

Maria Farrell has a really interesting framing of information/device privacy: What our smartphones and relationship abusers share is that they both exert power over us in a world shaped to tip the balance in their favour, and they both work really, really hard to obscure this fact and keep us confused and blaming ourselves. Here are some of the…

20 September, 2019

New Biometrics

This article discusses new types of biometrics under development, including gait, scent, heartbeat, microbiome, and butt shape (no,…

19 September, 2019

Revisiting Software Vulnerabilities in the Boeing 787

I previously blogged about a Black Hat talk that disclosed security vulnerabilities in the Boeing 787 software. Ben Rothke concludes that the vulnerabilities are real, but not…

18 September, 2019

I'm Looking to Hire a Strategist to Help Figure Out Public-Interest Tech

I am in search of a strategic thought partner: a person who can work closely with me over the next 9 to 12 months in assessing what's needed to advance the practice, integration, and adoption of public-interest technology. All of the details are in the RFP. The selected strategist will work closely with me on a number of clear…

18 September, 2019

Cracking Forgotten Passwords

Expandpass is a string expansion program. It's "useful for cracking passwords you kinda-remember." You tell the program what you remember about the password and it tries related passwords. I learned about it in this article about Phil Dougherty, who helps people recover lost cryptocurrency passwords (mostly Ethereum) for a cut of the recovered…

16 September, 2019

Another Side Channel in Intel Chips

Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard (and significantly longer) path through the server's main memory. By avoiding system memory, Intel's DDIO¬≠short for Data-Direct I/O¬≠increased input/output bandwidth…

15 September, 2019

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at University College London on September 23, 2019. I'm speaking at World's Top 50 Innovators 2019 at the Royal Society in London on September 24, 2019. I'm speaking at Cyber Security Nordic in Helsinki, Finland on October 3, 2019. I'm speaking at the…

13 September, 2019

Friday Squid Blogging: How Scientists Captured the Giant Squid Video

In June, I blogged about a video of a live juvenile giant squid. Here's how that video was captured. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines…

Businesswomen in an office

Give us a call
+44 (0)118 207 6800

Or drop us an email