Codifyre
#14 - Mobile Security: The Inside Job

#14 - Mobile Security: The Inside Job

January 2, 2019

This was going to be a comparison of major phones, breaking down some of the exploits and weaknesses.  I was potentially going to compare IOS to Android and throw fuel onto an already raging fire amongst smart phone enthusiasts which is, if you’re listening to a podcast, all of us.   Maybe you’re not a geek or a gadget nut but you’re probably far more dependent on that device that you may realise.  You’ve probably never really put a great deal of thought into how much of YOU is locked up in that phone.  You might even have a Kanye-West style pin code like 000000 to unlock it (if you didn’t see the article I posted on the Codifyre Facebook page about the worst passwords and pin-codes of 2018, it’s worth a read.  Kanye tops the bill.

Let’s start with what’s in your phone.

 
 
Follow us on...
#12 - Staying Relevant in a Tech World

#12 - Staying Relevant in a Tech World

June 20, 2018

Once a new technology rolls over you, if you're not part of the steamroller, you're part of the road.

This is one of those podcasts which isn’t the offspring of late night research, countless hours of trial and error tempered by seminars, articles and other people podcasts. This one is coming from real life… whatever that means.

This one is coming from real life… whatever that means.

If you’ve found yourself working in the technology arena it can be as exciting as it is challenging. Sometimes these are one and the same and sometimes they could not be farther apart. Being a GenXr myself I was there at the beginning of the home computing boom. I remember the rise of Steve Jobs, and when Bill Gates was the young genius instead of Mark Zuckerberg except of course when he famously said “640k is all the memory anyone will ever need” or words to that effect. Ok fine he didn’t say that but, thanks to the post-truth world I think it’s probably perfectly ok to attribute that statement to him or anyone else for that matter. Even better if you turn it into a meme!

Getting back to the 80s and 90s when technology was “young” and when air-quotes were first invented (I was thinking some as I typed “young”). Back then I learn to program in C language, I could disassemble my PC and fix it myself, even over-clock the CPU to get more gusto from it and I was building linux kernel I got from Linus Torvalds (the OS namesake) himself because that was the only place you could get it. I will return to Linus as a flagship example of staying relevant in the technological age as he one of the most influential people in our technological era.

Let’s talk about that era. We are currently in a phase of advancement which is to say the least, complex. 

Check out the full blog at 

https://codifyre.com/tech-skills/staying-relevant-technology-world-editorial/

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

#11 - Hacking Hackers and their Hacks

#11 - Hacking Hackers and their Hacks

May 23, 2018

Is it cast aside teenage wunderkinds who can seemingly dissect all things computer with the crack of a laptop to create designer chaos?  They are portrayed smoking cigarettes, roller blading and always have media savvy branding!  Too cool!

Any time a major breach is announced, the media conjures up their classic image of this hooded jedi-like figure in a dimly lit room with 0s and 1s swirling about. Film and TV has done a superb job of portraying our favourite computer hacker as the stereotyped quirky yet heavily crafted indie kid who wields the required dexterity to power-type at a moments notice, anywhere on the planet and inject themselves straight into anything from corporate servers, to traffic light control systems to Dinosaur based fun parks. It usually involves some superb visualisations of neon landscapes and swirling equations.

In the episode I unpack hacking and what it really is, with a few notable examples from the past few years.   

Warning! I may debunk Hollywood's sexy portrayal and expose hacking for what it really is... good ol' fashioned elbow grease.

The shownotes for the episode are here.

https://codifyre.com/coding/hacking-hackers-and-their-hacks-2018/

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

#9 - Social Media versus Data Privacy & GDPR

#9 - Social Media versus Data Privacy & GDPR

April 18, 2018

I was a late adopter waiting until about 2007 before getting onto Facebook. Back in the 2000s I remember my brother calling Facebook a platform for narcissists. Just over 10 years later and 2.3 Billion narcissists later he and I are both active participants.

I don’t think he was wrong! To a degree of course. I think Facebook, to take a positive spin, provides an outlet for many people to express themselves without directly expressing themselves.  Kind of like wearing a Nike t-shirt. Do I like sports or do like to look like I like sports? Hard to know and you’d need a larger piece of the profile to figure it out but the point remains, I’ve made a statement without having to say anything.

Facebook allows people to ‘share’, ‘like’, or ’emoji’ to provide indicators of their feelings without the risk of direct criticism to direct messaging. In fact don’t we find it a bit annoying sometimes when somebody breaches the unwritten rules and posts something blatantly opinionated… I mean come on people… allude to your feelings damn it, don’t provide direct feelings, we are not capable of coping with that!

So why the analysis… there is a point and that point is the what has happened over the past few weeks with Facebook and their handling (mishandling) of your data.

Social Media Privacy

Is that a contradiction or oxymoron?  What can we do about our privacy and what regulations will change the face of how our data is handled in the future?

The shownotes for the episode are here in addition to some great tips and links on cleaning up the privacy of your digital presence!

https://codifyre.com/culture/social-media-versus-data-privacy-gdpr/

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

#7 - Part 2 - Browse This! (Browser Security)

#7 - Part 2 - Browse This! (Browser Security)

March 21, 2018

The internet browser, which began as a simple visual interpretation of a "markup" language used to create a textual representation of visual elements is now a dangerously functional run-time environment potentially comparable to our host operating system. 

In this episode we talk about known exploits in the browser from how file types have tricked the browser, and the OS, into giving away credentials to hacked browser extensions, to crypto mining to the potential for trusted websites to undermine our confidence and off up malvertising and lead us off the safe path.

In short... it's a quick, learn from the mistakes of the past, cautionary tale about browsing the internet in the modern (2018) world.  I would be worried that I was dating this podcast but, as it's a tech podcast, it'll be dated faster than you can say Betamax.  So go listen now!

Read the notes for Part 1 & 2 at

https://codifyre.com/tech-skills/browser-shopper-shoplifter

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

 

#7 - Part 1 - Browse This!  (Browser Security)

#7 - Part 1 - Browse This! (Browser Security)

March 7, 2018

Let me go back to the beginning. 1990!

Shortly after the earth cooled and life began,  Sir Tim Berners-Lee just decided to invent the world wide web.  This was approximately 1990 give or take any prior research and general acceptance of the idea. He also put together the first browser confusingly and yet inspirationally called "WorldWideWeb".

Well now you know how that all started and why it's called what it is. For those of you who were toddlers or perhaps not even born yet a world without the web sounds like a time when everything was in black and white, lit by open flame, the notion of evolution was exciting and new and tablets were made from stone.

Since then things have evolved. The browser which began as a simple visual interpretation of a "markup" language used to create a textual representation of visual elements is now a dangerously functional run-time environment potentially comparable to our host operating system, more than you might expect. 

Read the show notes at...

https://codifyre.com/tech-skills/browser-shopper-shoplifter/

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

 

#6 - Part 2 - Blockchain Security & The Bitcoin Boom

#6 - Part 2 - Blockchain Security & The Bitcoin Boom

February 21, 2018

In Part 1 of our article on blockchain security and cryptocurrency, we took a hard look at the core components that make up a successful cryptocurrency like Bitcoin. From the distributed network itself to the individuals who wish to own and use a cryptocurrency wallet to transfer or spend Bitcoin, security is key (pun intended) and very much a consideration at every stage. We ended our last article talking about the types of wallets available for conducting transactions on the network. This is where both choice and the potential for user or developer error come into play, especially when we discuss the types of wallets and, more importantly, the storage each type provides.

"The technology is a deadly combination of high value, high stakes, and low maturity."

Read the whole article for Part 2 here 

https://www.synopsys.com/blogs/software-security/blockchain-security-cryptocurrency-application/

Follow us on...

Twitter: https://www.twitter.com/codifyre

Facebook: https://www.facebook.com/codifyre

Instagram: https://www.instagram.com/codifyre.co.uk

Web: https://www.codifyre.com

 

#6 - Part 1 - Blockchain Security & The Bitcoin Boom

#6 - Part 1 - Blockchain Security & The Bitcoin Boom

February 7, 2018

Thanks to Bitcoin, it’s fair to say that “blockchain” is a buzzword at the moment—like DevOps, or Zumba. This article isn’t going to dive into what a blockchain is, because many others out there already do that. Here’s a pretty good one that has a snappy description of the evolution of Bitcoin and its symbiotic buddy, blockchain. (I may have written that one as well.)

To some people, Bitcoin is a spoof currency trapped in a speculative bubble. To others, it and its alt-coin brethren are the future of financial exchange. In 2017 we saw a growing frequency of news about Bitcoin millionaires, lost Bitcoin tragedies, Bitcoin scandals, and various Bitcoin exchanges being hacked and shut down.

For the millions who have invested (or are considering investing) in cryptocurrencies such as Bitcoin, Litecoin, Ethereum, and the ever-growing list of alt-coins, little has been mentioned about the software and the infrastructure on which these cryptocurrencies are based. With all early adoption of technology, there is risk, so there’s a natural inclination to question the security of blockchain and the potential for cyber attack against it.

This special edition two part podcast was requested by Synopsys Software Integrity Group so you can read the show notes for it at the link below instead of the standard location at Codifyre.com

Read the whole article for Part 1 here 

https://www.synopsys.com/blogs/software-security/blockchain-security-cryptocurrency-theory/

 

#5 Part 2 - P@$$w0rd5! (Passwords suck)

#5 Part 2 - P@$$w0rd5! (Passwords suck)

January 25, 2018

Passwords are a pain in the a$$.  In fact, in an interview with The Wall Street Journal, Fernando Corbató, now 91 years old and the inventor of the password back in the 60s said that passwords have become “kind of a nightmare”.

The current state of the internet wasn’t quite a consideration when passwords first started. Nowadays the average internet user can have upwards of 100-150 different accounts across multiple services.  You might be thinking… not me!   When was the last time you actually tallied up all your online identities.  You might be surprised.  Each service is now putting sufficient password restrictions specifically force you away from the password top 10 list, but ensuring that you’ll probably forget what your password is… unless… you have a system.  A clever system!

In out last episode we talked about bad passwords (the top bad passwords in fact), what makes a good password and how you can make something up that is easy for you to remember but hard for machines to guess.  

This week we talk about password managers.  We include browsers in that as well.  We discuss the reason behind using password managers and offer suggestions for they can improve your standard of password hell provided you obey a few dos and don'ts.  

Finally we end with two factor authentication and the different options for really ensuring you take your personal security to the next level starting with defining authentication mechanisms as 

Something you know (eg. a password)
Something you have (eg. your phone)
Something you are (eg. your fingerprint)

For more details please check out the blog for this show at 

https://codifyre.com/appsec/passwords-suck/

Our Facebook Page

https://www.facebook.com/codifyre/

Let's twitter as well

https://www.twitter.com/codifyre/

 

#5 Part 1 - P@$$w0rd5! (Passwords suck)

#5 Part 1 - P@$$w0rd5! (Passwords suck)

January 9, 2018

Passwords are a pain in the a$$.  In fact, in an interview with The Wall Street Journal, Fernando Corbató, now 91 years old and the inventor of the password back in the 60s said that passwords have become “kind of a nightmare”.

The current state of the internet wasn’t quite a consideration when passwords first started. Nowadays the average internet user can have upwards of 100-150 different accounts across multiple services.  You might be thinking… not me!   When was the last time you actually tallied up all your online identities.  You might be surprised.  Each service is now putting sufficient password restrictions specifically force you away from the password top 10 list, but ensuring that you’ll probably forget what your password is… unless… you have a system.  A clever system!

Learn more about what makes a good password, a BAD password, why it matters, how they word behind the scenes and what is a good practice.  We'll also talk about single sign on mechnisms like Facebook, Google and Twitter to sign into other online services like Spotify.  Is that dangerous.  Part 1 dives on in.

In two weeks Part 2 will dive into Password Managers and 2 Factor Authentication mechanisms to ensure you are doing your best to keep your online life tight as a drum.

Read the whole blog at https://codifyre.com/appsec/passwords-suck/