Category Archives: Basic Lessons

Security is mostly a superstition. It does not exist in nature…. Life is either a daring adventure or nothing.

~ Helen Keller (1880 – 1968), The Open Door (1957)

Breach Mitigation or Bust?

“It’s better to assume your organisation has already been compromised and develop defences based around that assumption.”

The maxim is that you can try to protect your network one angle at a time, but hackers can pop the bubble from any place on the sphere. This article from ITPro points to some of the simple things to consider when protecting your network.


I was recently talking to someone who brute-forced a BT Business Hub, the sort used by hundreds of thousands of businesses across the UK, using hardware costing less than £35, and it supposedly took him less than 48 hours to crack the 10-character default WPA key.

Invest just a little more money and that timescale starts to look like an absolute age. The truth is that it’s a lot easier than you may imagine to breach the network perimeter these days, and if an attacker is determined enough then the chances are they will succeed.

[……]



Password Ideas…There Will Be No Sympathy

It is probably past time anyway, but since the recent password losses by LinkedIn and a few other companies, it would be a good weekend task to come up with a great password set and start going down the list. Change everything.

I spot something easy and obvious in front of me, for example a book. Well, I used to. I don’t seem to have any books anymore so I can’t give an example. But I remember the American Heritage Dictionary was the basis for passwords for a long time. AmHeDi for simple sites, Am9He5Di1 for more complicated sites that might give access to spending my money.

 

[……]

