Blockchains, Data Protection, and GDPR

Recently I came across an interesting problem which is to do with data regulation and blockchains: what are the regulations surrounding storing data on blockchains? While there are very few regulations which are specific to blockchain technology, it is worth considering which existing laws already apply to blockchain technology. Governments, and their associated regulatory institutions, …

Always take your credit card receipt when paying by contactless

Quick post: it is worth taking your credit / debit card receipt when paying by contactless. Why: if you take the receipt you will notice that there is a card number displayed in full without the stars (“*”). Not every time, but too many times. Personally, I think that is bad practice although not actually illegal …

When will hedge funds become interested in the security posture of a company?

At some point the security posture of a company will be of great interest to hedge funds and investment managers. That is to say that they will be interested in how secure other companies will be and whether that can affect their investments. The companies of interest are more likely to be a publicly listed …

Wikileaks releases a new dump from the CIA – hacking tools – Vault 7

I’m losing track of all the leaks that have happened at US government agencies. It seems that yet another load of information has been shared to Wikileaks. This batch of data supposedly carries hacking tools. It seems there are a lot of policy and procedure documents including checklists for secure development. Wikileaks Vault 7 — …

Uber’s fake app providing anonymity to drivers?

An interesting revelation was dropped in the news this week about Uber implementing a mechanism to provide some level of protection from law enforcement in cities where Uber is prohibited (if I have understood correctly). It would seem that the mechanism affords the driver a level of anonymity. Bruce Schneier wrote a comment on the …

Hashing, fast and slow

Integrity is an important consideration for security assurance. In this article I will explore the importance of hash functions and an associated type of function known as a Key Derivation Function (KDF). Fast hash functions In a digital setting we would like to know that if we are given a particular file that it is …

It may look complex and unpredictable but is it really?

A key idea in security is that of unpredictability. If I can’t guess your password then it ought to be secure. This is almost true, except the problem isn’t about whether I (as a human) can guess your password but whether a computer can iterate through all possible passwords and find your particular password within …

Investigating the security of anonymous messaging over the Internet

The topic of strongly encrypted communication has been receiving a lot of press coverage over the last few years and is a politically sensitive issue. Adding the possibility of making such communication anonymous makes it more sensitive. This work is based upon the thesis that I submitted for my MSc. The layout of the sections plus …
