latest thoughts

The Evils of MD5


I have a new cause.  I didn’t expect to have one, but we don’t always get to choose.  Sometimes, the issues choose us.  In February 2017, the cryptographic hashing algorithm SHA-1 was broken in practice.  A practical collision was found, and published on the following website:  https://shattered.io…

Read More

Repetitive nature of problems


Working in the Information Security industry, I follow as much information as I can on the attacks and vulnerabilities that occur in our industry. Sometimes these attacks occur as a result of new or unique attack on a product or technology. However, this is usually not the case. We see the same…

Read More

Un-patched Systems


https://www.cnet.com/news/most-android-users-running-outdated-security-patches-report-says/ An article on March 23, 2017 from C|Net reports that 71% of Android users on major U.S. cellular carriers are running phones with outdated security patches. This is an astonishing number. Unfortunately, it…

Read More

Equifax Hack


Friends, please do NOT click on any website or link that purports to allow you to “check” if you have been compromised in the Equifax hack. Clicking on these links, and then providing confidential or personal information, is something you should not be doing. Equifax themselves registered another…

Read More