Showing posts from March, 2017

The Joy of Ciphers (Revisited)

Some time ago I discussed some of the cipher configurations in Windows 8.1 Enterprise, and with the unwelcome (to most) arrival of Windows 10 I thought I'd see if the landscape had changed. After all if we can prevent outdated modes of security at point-of-source, we're helping encourage a more secure and private internet.

Last time I discovered that when enforcing transport layer security by restricting cipher suites available to Windows and [at the time] Internet Explorer, a core set of websites and Windows services held everything back by requiring significantly lower security cipher levels. It wasn't just one or two periphery services either - a major CSP's hosted email service and the Windows Store.

A chain is only as strong as it's weakest link after all.

During 2016 some of our systems were the subject of attempted breaches. Thankfully they didn't get past the first layers of defence (and of course it goes without saying that nothing was accessed, leake…

[Belated] Naughty List 2016

I know Santa's already been and gone this year but after last years interview successes he decided to review his options yet again this year. I've been swamped with solution design and development work since December so this article is very late.

2016 saw a marked decrease in spam from the 'major' jobs boards and some new comers then balancing that out by making up for it - Notably My Job Matcher Ltd, who still seem fine with buying your data from India data traders. More of that in the list (yes a spoiler....sorry about that).

2016 also turned up new vectors of spam and processors which are probably unsurprising to most. These new-ish vectors indicate that companies who have received subject access requests SARs from me in the past, decided to sell those details onto spammers and criminals.

Very funny. Should have seen that coming I guess, however I've started designing and writing an anti-spam solution - with help from Santa of course after he got so annoyed wit…