Yes, it’s that time of the week where we look back over what’s been happening in the world of security over the past week.
Pinning down locations from photos
Great example of how one can look at clues in a photo and combine with a bit of OSINT and Google maps to determine the location of someone.
Pretty interesting stuff, until you start looking at all the pictures you’ve ever posted publicly and think that it’s maybe all gone a bit too far. Particularly when you realise how many stalkers there are out there.
The role of automated data discovery in a GDPR programme
A great piece by Sarah Clarke on the automation of data discovery in GDPR.
Data is not a religion. It is not a panacea. Data isn’t going to tell you what data you need to listen to. Humans are going to tell you what data you need to listen to.
Open-sourcing abandoned code
There’s an argument that old, abandoned code should be made open source. Think of it like upcycling someone’s old, discarded sofa.
The theory sounds good, but Rob Graham puts forward a strong argument as to why it’s a really bad idea.
Free software is suffering because coders don’t know how to write documentation
Documentation, the bane of everyone’s existence. Ask pen testers the worst part of their job, or developers, or risk managers – nearly everyone despises documentation.
But according to GitHub’s 2017 open source survey, 93% of people reported being frustrated with incomplete or confusing documentation.
It’s a shame, because documentation shouldn’t be viewed as a chore. Documentation is the opportunity to tell a story, to get your message across. It’s where the developer is the marketer and can control the narrative. If they don’t take advantage of it, then someone else will… or won’t.
Migrating to BeyondCorp
Maintaining productivity while improving security
The newest Google BeyondCorp paper is fascinating. Just try to count all the “Major projects” and stakeholders.
Microsoft faces antitrust Suit
- Earlier this month, Kaspersky lab filed an antitrust complaint against Microsoft over allegations that MS was not playing nicely with third-party antivirus software.
- However, this week, an MS exec admitted to Win 10 disabling third-party security software.
It does sound as if Kaspersky has a point. Healthy competition and collaboration is needed in all aspects of security. Building walls only hurts users in the long run.
Theresa May on banning encryption
Much has been said about Theresa May’s plans to ban encryption. But Corey Doctorow’s rebuttal of the proposal is well worth reading
- AlienVault on goverments and backdoors
Randomize your life
Eager to burst his own bubble, a techie made apps to randomize his life. Probably a bit too brave for my liking – but interesting story none the less