Dec 30

Deloitte -> SensePost

Life 1 Comment »
As of the 4th of Jan, I will conclude 4-years of service to Deloitte's Security & Privacy group in South Africa, and be moving to SensePost. I have lots to say about it, but didn't want my perseverations over what/how to say it to get in the way of marking the move. My relationship and view of Deloitte is very positive and I learned a massive amount from incredible people. However, I've long wanted to work for SensePost and a combination of a great opportunity offered by the Post'ers and a "time to move on" feeling at Deloitte sealed the deal.

Posted by Dominic White

Last modified on 2009-12-31 12:51
Dec 30

Brain Krebs Leaves The Washington Post

Security No comments »
Security

Brian Krebs, author of SecurityFix and one of the very few mainstream infosec journalists, is pulling a McLeodd1 and leaving the Washington Post to go on his own. He will be reporting from Krebs on Security from today.

Apart from the coverage, Brian has also got involved in or instigated responses to some threats, and I hope that fewer editorial restrictions allow him to do and say more.

In truth, I only really like Brian because he's linked, to me before, encouraging up to 1.5 people to read the abstract on my thesis ;), but more seriously providing data and inspiration to me and several other researchers.

Good luck Brian

Footnote 1: I probably shouldn't mix my ZA and Infosec references, but Duncan McLeodd left the Financial Mail to form independent tech news startup TechCentral.

Posted by Dominic White

Last modified on 2009-12-30 16:24
Dec 14

"Up to Date" isn't the same as "Knowledgeable"

Security 1 Comment »
Security

Eugene Spafford has a warning for us in his latest entry that I thought worth remembering:

Generally, hackers who specialize in the latest attacks dismiss anyone not versed in their tools as ignorant, so I have heard this kind of criticism before. It is still the case that the "elite" hackers who specialize in the latest penetration tools think that they are the most informed about all things security. Sadly, some decision-makers believe this too, much to their later regret, usually because they depend on penetration analysis as their primary security mechanism.

In many ways, I worry that mechanisms like RSS & twitter and the associated behaviour help us to be up to date, but not knowledgeable, and that the implied arrogance of being up to date stops us from realising it.

Posted by Dominic White

Last modified on 2009-12-14 11:23
Dec 1

Efficient extraction of data using binary search and ordering information

Security No comments »
Security

I'm quite excited and honoured to host a guest entry from Yusuf Moosa Motara covering his talk at ZaCon (a video of which can be found here, and the slides here).


Continue reading "Efficient extraction of data using binary search and ordering information"

Posted by Dominic White