Staying Focused and Motivated

How can I re-enter a state of mind? My friend, Ade, asked. He went on to describe how he would start reading or learning something with a lot of excitement, but to his dismay he often discovered when he returned some days later that his enthusiasm had waned – or as he put it in nerdspeak “his dopamine levels weren’t as high”. I consider his question to be of the multi-million dollar variety. Personally, even when the right approach for such scenarios seems obvious, I sometimes find it hard to follow through.

Securing IoT Apps and The OWASP IoT Project

Everything comes alive. It’s the long heralded tech future and the future is now. Many things around us – from bulbs to thermostats and sprinklers – are getting smarter, which simply means that they’re getting easier to administer or personalize. That feat is achieved by designing previously mechanical devices to be digital, enabling them to run complex software that processes digital input commands, and even hooking them up to the internet in many cases. Et Voilà! The Internet of Things (IoT) is born. It’s not a tale anymore, we’re living it – albeit with some ways to go till full-on Jetsons-dom.

Regardless of where it’s domiciled, software remains software. As such it’s unsurprising that Hackers are expected to be major players in the IoT space. Is our world getting ultra-personalized? A resounding yes. But it’s definitely more hackable too. Researchers are already demonstrating scary examples, ranging from the hacking of cars to compromised pacemakers.

Building an Information Security Community in the Heart of Nigeria’s Tech Hub

I still remember the most productive cup of coffee I had last winter. It was a cappuccino served by an outlet called Dukes, at the City Gate business centre in Cork, Ireland. Darren Fitzpatrick and I were catching up after weeks of ‘maybe next week?’. It’s not the cuppa’s taste I remember, although I guess it must have been alright given that Darren loves Dukes and he knows more about the caffeine monkey than I ever will. But in the time it took to down that coffee, the idea of an Open Web Application Security Project (OWASP) chapter in Nigeria’s economic powerhouse, Lagos, was born.

Comparing Single Sign-on Protocols: OAuth vs OpenID vs SAML vs WS-Federation

From Single-Sign-On for consumers to the integration of partners into corporate systems and applications, in a super connected world, simplifying authentication for your users and your partners is more than a good-to-have. Near-seamless authentication allows you to provide the security for user resources that you must, while keeping your customers happy. How can we achieve this?

A Day in The Life of a Software Security Architect a.k.a Another Computer Nerd

It had been a super long night. The kind of blurry night that involves going to bed way past midnight and waking up well before dawn, after slipping in about 3+ hours of shut eye. The previous day had brought me the gift of a fascinating issue involving ‘device drivers’, my first foray into that area. I had spent all of the previous evening and most of the night reading up on how device drivers work on the Windows operating system, how they could be secured and how they might be exploited by malefactors.

Infosec Podcasts: Stay informed about Information Security… On The Go

Things happen fast in Cybersecurity. Information technology has always been a rapidly evolving discipline, but in cybersecurity I get the feeling things seem to change even faster. This probably has a lot to do with the nature of ‘immediate urgency’ in this field. Cyber criminals rush to detect and exploit security holes while defenders watch in paranoia lest they get pwned! As such, we experience almost weekly releases of technical discoveries, vulnerabilities, tools, and new (often controversial) laws.

Learning to Analyze Malware

Cybercriminals churn out thousands of Malware variants each day, using automated means to modify sections of code to evade Antivirus detection.

White Hat malware researchers analyse malicious software by dissecting its different components and studying its behavior on the host computer’s operating system. It’s a pretty interesting and intricate field. What skills are required, though?

Open Netware’s Pre-installed ‘Privacy on Top’ Routers Arrive

A few posts back, I described how Open Netware had developed router software for private and secure web surfing, leveraging TOR, OpenDNS, and DNSCrypt. At the time, installation of their software on supported routers required an Android app. A simple process, but still requiring enough tech savvy to scare off some potential users. It also voided the router’s warranty. Open Netware has gone a step further by providing pre-installed routers that are basically plug and play.

As We Live and Breathe

Some persons live in the past, always reliving long gone memories in a state of persistent nostalgia. Others live in the future, always wanting or praying for what isn’t. Yet another group of persons live in the present, enjoying each moment to the fullest or revelling in their miseries, little lessons learnt, few plans made. A few persons transcend all 3 states, trapezing hither and thither. I believe it’s those lucky few who truly live.

Are you writing secure code?

It’s proven, you know… the longer you wait to implement security in the software you develop, the more expensive it becomes to implement the right security. Adding security after bugs have been found by QA or your product has shipped means you have to redesign and recode; more work, more expenses. Whereas, if as early as product conception your team performs secure design reviews and threat modelling, developers will naturally Think Security while coding; Secure Coding.
