Security

Cryptonoise: January 2019

On Thursday 17th January, we held the first Cryptonoise event of 2019. We had a good turnout and kicked off the discussion with a quick browse through Wikipedia’s list of data breaches.

Our first topic of discussion was how we all used passwords and how password reuse can very quickly become problematic if your password is leaked.

Over time, the probability that any entity holding a large store of sensitive private data will remain both competent enough to protect it adequately and honest enough to want to goes to zero. –@mattblaze

A Solution for Authoritative DNS

I’ve been thinking about improving my DNS setup. So many things will use e-mail verification as a backup authentication measure that it is starting to show as a real weak point. An Ars Technica article earlier this year talked about how “[f]ederal authorities and private researchers are alerting companies to a wave of domain hijacking attacks that use relatively novel techniques to compromise targets at an almost unprecedented scale.”

The two attacks that are mentioned in that article, changing the nameserver and changing records, are something that DNSSEC could protect against. Records wouldn’t even have to be changed on my chosen nameservers: a BGP hijack could just give another server the queries for records on my domain instead, and that server could then reply with whatever it chooses.

Body Scanners at BUD


Note: I wrote this post in the departures lounge at BUD, but it was not posted online until the 25th when I was back home.


I’m really not liking air travel. It makes me ridiculously uncomfortable. Really only one part of it though: security.

Since the introduction of the body scanners in airports, as I have something of an understanding of how they operate, going through security is a pretty terrifying prospect for me. I think that over time it’s got worse too.