The Investigatory Powers Bill for architects and administrators

OK, it’s not the end of the world. But it does change things radically, should it pass third reading in its current form. There is, right now, an opportunity to effect some change to the bill in committee stage, and I urge you to read it and the excellent briefings from Liberty and the Open Rights Group and others and to write to your MP.

Anyway. What does this change in our threat models and security assessments? What aspects of security validation and testing do we need to take more seriously? I’m writing this from my perspective, which is from a small ISP systems perspective, but this contains my personal views, not that of my employer, yada yada.

Continue reading The Investigatory Powers Bill for architects and administrators

The Dark Web: Guidance for journalists

We had a lot of coverage of “the dark web” with the latest Ashley Madison leak coverage. Because a link to a torrent was being shared via a Tor page (well, nearly – actually most people were passing around the Tor2Web link), journalists were falling over themselves to highlight the connection to the “dark web”, that murky and shady part of the internet that probably adds another few % to your click-through ratios.

So many outlets and journalists – even big outfits like BBC News and The Guardian – got their terminology terribly wrong on this stuff, so I thought I’d slap together some guidance, being somewhat au fait with the technology involved. Journalists are actually most of the reason why these sorts of tools exist in the first place, in fact – if that surprises you, read on…

Continue reading The Dark Web: Guidance for journalists

A brief foray into explosions

Every year, myself, my family and some friends get together on New Year’s Eve, have a lovely meal and at midnight, let off the obligatory fireworks. Their house is surrounded by farmland so we have a huge amount of space, making operation of larger fireworks possible, but we’ve in past years stuck to firing the larger end of garden fireworks (category 2).

This year, tired of the inevitable mucking around with unreliable gas lighters at midnight, we decided to take a look at electronic ignition systems and upgrade to category 3 “display” fireworks. Continue reading A brief foray into explosions