The Great Firewall of Australia is still being worked upon by the evil legal minions of Senator Conroy. At the time of writing, it’s not illegal to tell you how to bypass censorware. I’m hoping that the legislation has no retrospective provisions in it (which would be really evil). Here’s how you get around censorship in…
Censorship – Bye bye Labor
The Labor party is doomed to be a single term government. They are killing their support base – social progressives and young folks alike are abandoning ship like never before. I have never hidden my dislike for the conservative side of politics, but to totally kick sand in the face of your true believers time…
Welcome to iPad fraud
In the rush to release hundreds of publication-specific apps as quickly as possible, every media dinosaur is desperately trying to claw money from the cashed-up iPad owners with micropayments and paywalls. This is a recipe for disaster – and it’s going to be a gold mine for security consultancies, and nothing but…
Securency and bribery
Australia developed polymer (plastic) bank notes from the 1970s onwards, and they’ve been our currency since the 1990s. This bank note technology is essentially counterfeit-proof – notes can have holograms, microprinting, a transparent window, “watermarks”, very colorful inks, metallic strips, and the notes are long-lasting and machine washable. There are a lot of positives….
Sticking your neck out
For as long as I can remember, the standard “security” talk is a negative and destructive talk, where the presenter presents their latest “research” as if it’s going to solve world hunger, totally end the Internet as we know it, cure herpes, or put the spooks out of business as anyone could spy on the whole…
OWASP ASVS – also good for architecture reviews
I’ve just finished a job where I used OWASP’s Application Security Verification Standard as a lightweight security architecture template. The good news is that it helped us decide on a bunch of controls (using ESAPI of course) that will hopefully improve the security of the application. I’ll find out in a few months if any…
Going to OSCON 2010
I know I’ve ranted about this before, and this post is no different. OSCON still doesn’t have any security talks, which is like an engineering conference that doesn’t have any structural integrity talks. A sample of non-functional requirements in the OSCON 2010 program: Configuration Management – check* Deployment – check Documentation – check Efficiency – check*…
Upgrade to Ubuntu 10.04 LTS in VMware Fusion – Keyboard issues
I upgraded my VMware Fusion image to Ubuntu 10.04 LTS over the weekend, and everything went well except for the keyboard. It wouldn’t work. So here’s how I found out how to fix it: Go to the Accessibility Preferences at the bottom of the screen, and tick on-screen keyboard. You have to reboot because…
GMail – ORBS blacklist FAIL
Hilarious fun for all the family. Google’s GMail service has been blacklisted by an ORBS product. These ORBS places are run by dumb ass vigilantes. The Internet just doesn’t need wanna-be-cops who have no legal basis for their operations. Just in case you’re wondering, I’ve been blacklisted by similar morons in the past and simply…
OWASP Top 10 2010 – Cheat Sheet
Here is a two-page cheat sheet for the OWASP Top 10 2010. OWASP Top 10 2010 Cheat Sheet (100 kb PDF) Print it double-sided to create a single piece of paper and hand it out to all your developers for free – it’s licensed under a Creative Commons Sharealike with attribution license. Once I’ve had…