Dominic White

SA Security Bloggers

SensePost

Haroon Meer
link

Matt Erasmus
link

Andrew Mohawk

Junaid Loonat
link

Barry Irwin
link

Tom Wells

Allen Baranov
link

Jock Forrester
link

IT Security Pubcast
link

Telspace

ISGAfrica

Ralfe Poisson

How-To's
link Linux SSH Jail with pam_chroot
link Firefox Privacy & Security Extensions

Papers
link Managing Patching, my MSc Thesis
link Risk Analysis of Monthly Patch Schedules

Tools
link Automated Vodacom SMS (VodaSMS)
link RSS 2 SMS
link DShield Hack Detection

Neologisms
link Encryption principles
link Zoolander's Law

Syndicate This Blog

SSL

Certificate fingerprints:

SHA1: 61 13 45 4B 4C F9 89 9B B7 87 C8 78 F7 38 12 CB 07 E2 60 BF
MD5 : DA 53 7B 50 E4 3A 2C 6C A1 17 53 C1 A0 5E CB 89

HTTPS version.
You can find an explanation here.

License

Original content in this work is licensed under a Creative Commons License

Disclaimer

This blog and its contents are in no way affiliated with, or endorsed by my employer.

Wednesday, December 30. 2009

Deloitte -> SensePost

As of the 4th of Jan, I will conclude 4-years of service to Deloitte's Security & Privacy group in South Africa, and be moving to SensePost. I have lots to say about it, but didn't want my perseverations over what/how to say it to get in the way of marking the move. My relationship and view of Deloitte is very positive and I learned a massive amount from incredible people. However, I've long wanted to work for SensePost and a combination of a great opportunity offered by the Post'ers and a "time to move on" feeling at Deloitte sealed the deal.

Posted by Dominic White in Life at 09:20 | Comments (2) | Trackbacks (0)

Last modified on 2009-12-31 12:51

Brain Krebs Leaves The Washington Post

Brian Krebs, author of SecurityFix and one of the very few mainstream infosec journalists, is pulling a McLeodd¹ and leaving the Washington Post to go on his own. He will be reporting from Krebs on Security from today.

Apart from the coverage, Brian has also got involved in or instigated responses to some threats, and I hope that fewer editorial restrictions allow him to do and say more.

In truth, I only really like Brian because he's linked, to me before, encouraging up to 1.5 people to read the abstract on my thesis ;), but more seriously providing data and inspiration to me and several other researchers.

Good luck Brian

Footnote 1: I probably shouldn't mix my ZA and Infosec references, but Duncan McLeodd left the Financial Mail to form independent tech news startup TechCentral.

Posted by Dominic White in Security at 08:48 | Comments (0) | Trackbacks (0)

Last modified on 2009-12-30 16:24

Monday, December 14. 2009

"Up to Date" isn't the same as "Knowledgeable"

Eugene Spafford has a warning for us in his latest entry that I thought worth remembering:

Generally, hackers who specialize in the latest attacks dismiss anyone not versed in their tools as ignorant, so I have heard this kind of criticism before. It is still the case that the "elite" hackers who specialize in the latest penetration tools think that they are the most informed about all things security. Sadly, some decision-makers believe this too, much to their later regret, usually because they depend on penetration analysis as their primary security mechanism.

In many ways, I worry that mechanisms like RSS & twitter and the associated behaviour help us to be up to date, but not knowledgeable, and that the implied arrogance of being up to date stops us from realising it.

Posted by Dominic White in Security at 07:39 | Comment (1) | Trackbacks (0)

Last modified on 2009-12-14 11:23

Tuesday, December 1. 2009

Efficient extraction of data using binary search and ordering information

I'm quite excited and honoured to host a guest entry from Yusuf Moosa Motara covering his talk at ZaCon (a video of which can be found here, and the slides here).

Continue reading "Efficient extraction of data using binary search and ordering information"

Posted by Dominic White in Security at 08:50 | Comments (0) | Trackbacks (0)

(Page 1 of 1, totaling 4 entries)