nickh01uk - Slashdot User

Submission + - Huawei 5G, A Diplomatic Design (eutopian.io)

Submitted by nickh01uk on Monday July 29, 2019 @06:18PM

nickh01uk writes: This is a story about power and the great forces and constraints shaping our world. It's about 5G, Huawei, China and the consideration the UK and her allies are giving to the use of Huawei’s products in national mobile networks. It's about how we got here, what happens next, and why this saga is littered with missed opportunities.

Submission + - Documenting Cyber Breaches With H-Diagrams (eutopian.io)

Submitted by nickh01uk on Thursday April 18, 2019 @11:10AM

nickh01uk writes: What if you could understand and explain any security breach 10x faster? Security breaches are now a staple of mainstream news. Breaches have become drama. But there’s a downside. Most publications are advertising supported, articles are spread over multiple pages. They’re often longer than necessary and less information dense. Sometimes the "facts" are plain wrong. There’s no standard way of describing a breach in terms that are simple, clear, and easy to communicate to others. How can we provide this information in such a way that would allow experts to instantly understand it while a wider audience enjoys the creative writing in the rest of the article? The answer? H Diagrams.

Submission + - Attack Surface Reduction By Dynamic Compilation (eutopian.io) 1

Submitted by Anonymous Coward on Thursday March 21, 2019 @09:48AM

An anonymous reader writes: Everyone can do something to reduce their attack surface and decrease the likelihood of a breach. This post explores what that winning system looks like when taken to its ultimate logical conclusion.

Submission + - WikiLeaks, a lesson for security admins (blogspot.com) 1

Submitted by nickh01uk on Monday February 21, 2011 @08:40PM

nickh01uk writes: No data, no matter how carefully guarded, is ever truly safe. Now that the dust has settled and the hype has dissipated, the guys over at the 360 security blog have attempted to provide some advice to security admins on keeping their jobs in the brave new WikiLeaks world.

Submission + - WikiLeaks Lessons For Security Managers (blogspot.com)

Submitted by nickh01uk on Monday February 07, 2011 @05:43AM

nickh01uk writes: Rarely does a story with a strong information security thread garner so much attention in the press. When the leaking of secret state information is combined with pent-up public interest in the subject matter, demand meets supply and column inches result. Putting to one side the virtues or vices of making this particular information public, what lessons can we learn from it as Information Security professionals?

Submission + - HBGary Federal hacked and exposed by Anonymous (sophos.com)

Submitted by Anonymous Coward on Monday February 07, 2011 @03:22AM

An anonymous reader writes: As the coin was tossed to kick off Superbowl XLV, Anonymous unleashed their anger at a security firm who had been investigating their membership.

HBGary Federal had been working on unmasking their identities in cooperation with an FBI investigation into the attacks against companies who were cutting off WikiLeaks access and financing.

Unlike the DDoS attacks for which Anonymous has made headlines in recent months, this incident involved true hacking

Comment Must be from the anti-tuna fishing lobby. (Score 1) 554

by nickh01uk on Sunday November 22, 2009 @09:55PM (#30198384) Attached to: Is That Sushi Hazardous To Your Health?

Tune tastes nice and Escolar is served in fine french restaurants here.

iPhone Game Piracy "the Rule Rather Than the Exception" 268

Posted by Soulskill on Friday November 20, 2009 @08:52PM from the hey-some-people-can't-afford-that-99-cents dept.

An anonymous reader writes "Many game developers don't think of the iPhone as being a system which has extensive game piracy. But recent comments by developers and analysts have shown otherwise, and Gamasutra speaks to multiple parties to evaluate the size of the problem and whether there's anything that can be done about it. Quoting: 'Greg Yardley confirms that getting ripped off by pirates is the rule rather than the exception. Yardley is co-founder and CEO of Manhattan-based Pinch Media, a company that provides analytic software for iPhone games. ... "What we've determined is that over 60% of iPhone applications have definitively been pirated based on our checks," he reveals, "and the number is probably higher than that." While it's impossible to estimate how much money developers are losing, it involves more than the price of the game, he says. "What developers lose is not necessarily the sale," he explains, "because I don't believe pirates would have bought the game if they hadn't stolen it. But when there is a back-end infrastructure associated with a game, that is an ongoing incremental cost that becomes a straight loss for the developer."'"

Comment Security 101 for Mobile Operators! (Score 1) 495

by nickh01uk on Wednesday July 29, 2009 @01:47PM (#28869859) Attached to: Apple Says iPhone Jailbreaking Could Hurt Cell Towers

Theres a nice little article over at the 360 blog here listing exactly what mobile operators frequently get wrong with their security architecture and execution. Once wonders if they understand the basics!

Comment There can be huge differences in performance (Score 1) 361

by nickh01uk on Tuesday June 02, 2009 @03:21AM (#28178619) Attached to: When VMware Performance Fails, Try BSD Jails

Theres a nice little article here (basic reg. required) contrasting VMware and Citrix XenServer, where the end user was forced to abandon VMware (their default choice) after suffering performance problems and after 6 months of back and forth with tech support and engineering at the vendor. In the end XenServer delivered 2x the real world performance on identical hardware with a default install. Not all workloads are equally well virtualized! N.

Comment Re:I'm guessing VMWare isn't that worried (Score 1) 259

by nickh01uk on Monday February 23, 2009 @06:09PM (#26962637) Attached to: Citrix XenServer Virtualization Platform Now Free

Re: unsupported trials.

If you'd dropped my company a line we'd have offered a supported trial with an allocated engineer (okay, time spent would depend partly on potential size of a deployment...) but you'd certainly have spent nothing finding out what the product could and could not do in a supported way. We'd probably both have learnt something, I love real-life tests :-) Sometimes there are benefits in NOT buying direct off the vendor's web store :-) End of outrageous plug! Oh, we also do VMware, I guess what Im saying is that deployment is about more than just the upfront sticker price of the product.
PK

Comment Has to be good news for the customer because.... (Score 1) 259

by nickh01uk on Monday February 23, 2009 @05:48PM (#26962373) Attached to: Citrix XenServer Virtualization Platform Now Free

it will provide free access to competitive technology, keep the established vendor(s) straight, and (eventually) will give rise to cross-platform management tools and frameworks.

At last it looks like there will be a free, supported, commercial-grade virtualization solution for those of us who dont have the budget for VMware and have been disappointed with Hyper-V and its predecessors.

I can only imagine this is unhappy news for VMware who surely must now take a reality check on their pricing. I sincerely hope they do not go the same way as Netscape, having 3 strong vendors in the market stops a lot of the kind of bad behavior you see from ERP, CRM, and BI vendors (you know who you are guys!). There was a balanced 2 minute comparison of Hyper-v, XenServer, and VMware over at the 360 blog here.

For the VMware, Xen, and Hyper-V fanboys (are there any Hyper-V fanboys yet?), calm down and take a tip from that blog:

"Providers of the core hypervisor technology will continue to play a game of technical leapfrog with one another for at least a couple of years, while those with a management, enterprise framework, or suite will claim more strategic long-term positions around "liquid infrastructure" or something else suitably bendy. What is most important right now is that you have the right information processing architecture, not any one particular product within it."

Submission + - 7 Wonders of the Security Software World (360is.com)

Submitted by

nickh01uk

on Friday December 28, 2007 @05:29AM

nickh01uk writes: "The guys over at Three Sixty Information Security have published the results of their annual analysis on 7 of the most popular security tools in common use by systems administrators. The articles examines the tools on their merits and attempts to pull together common threads running through each. Finally they put forward their answer to the question "What makes this software so uncommonly good?" If only all software was written like this..."

Comment Re:Shouldn't it have been this way from the start? (Score 1) 316

by nickh01uk on Wednesday September 19, 2007 @04:37AM (#20664985) Attached to: Internet Security Moving Toward 'White List'

Theres a nice little article here that talks about this subject in a vendor-neutral way.

AG

Submission + - The Characteristics of Secure Software (360is.com)

Submitted by

nickh01uk

on Saturday September 15, 2007 @12:24PM

nickh01uk writes: "Particularly topical in light of the widely reported Cisco IOS software vulnerability, Three Sixty Information Security have analysed 7 of their most frequently recommended tools for network and system administrators. Among the regulars like ssh and nmap are some tools less commonly known for their security admin credentials. The article examines each on its merits and uses the results to build a screen for evaluating the robustness of future software. Finally it attempts to answer the question; "What makes this software so uncommonly good?""

Slashdot Top Deals