Posts

Showing posts from February, 2010

New Podcast: Safe Social Networking (Feb2010) Released

Image
I thought it was about time I resurrected the IT Security Expert Podcast, so I dusted off my podcast mic and put together a podcast on using Social Networking safely. This podcast is aimed at day to day people outside the security industry. http://itsecurityexpert.co.uk/index.php?module=podcaster&PODCASTS_MAN_OP=viewPodcast&PHPWS_MAN_ITEMS[]=6 ITSecurityExpert on iTunes To go with this Podcast I have a “Parent Child Facebook Safety Guide” which I put together following my appearance on BBC Radio 5 earlier in the year. http://itsecurityexpert.co.uk/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=36&MMN_position=53:53 And I have a couple of relevant blog entries to this Podcast http://blog.itsecurityexpert.co.uk/2009/12/facebook-privacy-settings-change.html http://blog.itsecurityexpert.co.uk/2009/11/child-facebook-safety.html I’m considering a couple things with this Podcast, initially doing a new release once a month, and I am also cons...

Chip & Pin Weakness Smoke Screen for Real UK Card Fraud

Image
The Chip & Pin man-in-the-middle weakness highlighted by the Cambridge academics last week is important to raise and to have addressed, but I’m afraid to say this weakness in Chip & Pin is nothing new, this vulnerability has been known about for years, the Cambridge boffins are right in that Chip & Pin isn't as secure as it should be. However no system ever gives 100% security, the aim of the game is about reducing risk. Chip & Pin reduces card fraud risk significantly when compared to other non-cash payment methods, such as payments by just signing and payments bycheques, even with this vulnerability. The fact is Chip & Pin drastically cut cardholder present fraud in the UK when it was introduced in 2005. The real important thing to understand here, is for the Cambridge Chip & Pin fraud to work, the fraudster needs to have possession of the original debit/credit card (which has yet to be cancelled), and seemingly a laptop. Now ...

A Cyberwarfare Warning: Greater Manchester Police & Conficker

Image
In the information age our Police forces increasingly relies on their IT systems to help them perform their duties, these IT systems hold citizen’s most personal sensitive information. Given the nature of “Police Business” you would think Her Majesty’s finest would be pretty good at IT Security, but apparently not. One of the largest Police forces in the UK, Greater Manchester Police (GMP), were forced to disconnect their IT systems from the national Police systems, after their IT systems had been discovered to be riddled with the Conficker WORM. This nasty piece of malware has been around since 2008, however all the anti-virus systems I know of, has been protecting IT systems against it since just after Conficker’s release. From School Children and to Silver Surfers, most people realise and understand the importance of having Anti-Virus software installed on their PCs, and the importance of keeping their Anti-Virus up to date. Installing Anti-Virus protection onto all Windows ba...