Why AWS wasn’t the real point of failure

Why AWS wasn’t the real point of failure March 2017 So, Amazon Web Services went AWOL this week, leaving many websites inoperable. In the currently climate of fake and inaccurate news, it is important to read beyond the headline to realise that “AWS” did not go...

We cannot let passwords die (yet)

We cannot let passwords die (yet) August 2016 I’m getting fed up with marketing that says “Passwords must die” only to present yet another solution that won’t replace them. The challenge to solve is ubiquity – this is why passwords have stood the test of time, even...

DNS Tunnelling

DNS Tunnelling August 2015 A recent project at Nexor required us to look at the challenges of providing access to the DNS from a secure environment. It reminded me of the issues related to DNS tunnelling. DNS tunnelling enables a user to run a full TCP/IP stack over...

Q: When is a Diode not a Diode?

Q: When is a Diode not a Diode? April 2015 A: When it’s a Transistor or a Zener diode. What is a Diode? A diode allows an electric current to pass in one direction while blocking current in the opposite direction. It works using a doped silicon P-N Junction. If...

More on Air Gaps

MORE ON AIR GAPS March 2015 While Air-Gaps are a good conceptual solution, in practice beyond Schneier’s single PC example, they are very hard to achieve. There is nearly always a backdoor to be found somewhere that an attacker can exploit. Opinion is divided,...