Tag Archives: security

Do you trust your hotel room safe? Think again

I came across this video the other day on YouTube whilst actually sitting in my hotel room.

I did check it out and found that my hotel had a very different make of safe to the one shown in the video. I have however seen the shown model in hotels I have stayed in, but in the UK at least they are quite rare.

So the safe in my hotel room could not be opened by an all zero code but that does not say their isn’t a master code known by all the staff.

In any case however it is clearly a potential problem and one any traveller should be aware of. I did post the video on Facebook and a friend did come back and suggest one of these.

So be careful out there people.

We know where you live (revisited)

Several months ago I posted THIS article entitled “We know where you live

At the time I discussed how a lot of the new location aware social networking sites could actually be used to work out where you live, where you are right now and thus work out when you are away from home.

Over the last year or so, many more such sites have been launched with a popular one being Foursquare. The idea of Foursquare is that you “check in” via an application on your mobile phone each time you go somewhere new (such as a bar or a museum) and this information is then used to let your friends know where you are and to allow others in the same location give you advice on things to do.

This information is also posted in real time to Twitter and Facebook.

If you read my previous article then you can probably work out what’s coming next.

Some bright sparks have just launched a website called Please Rob Me. It pulls information from these various services and then displays it for the world to see

Please Rob Me

Powerful stuff isn’t it?

More importantly though this website is to demonstrate a point. Indeed on the Please Rob Me website they say:

The goal of this website is to raise some awareness on this issue and have people think about how they use services like Foursquare, Brightkite, Google Buzz etc. Because all this site is, is a dressed up Twitter search page. Everybody can get this information.

So once again, if you are using these location aware social networking sites, please stop and think because not only are you telling people where you are, but you are also telling people where you are not!

Security considerations for server virtualisation – A CPNI guide

If you have read my biography you will have noticed that one of my specialities is server virtualisation based on the modern hypervisor approach that is offered by vendors such as VMware, Microsoft and Xen to name but three.

Last year, the Centre for the Protection of National Infrastructure (CPNI) undertook to put together guidance on this emerging technology in the form of one of their Technical Notes and pulled together a substantial team from across the industry. I was honoured to be part of that team

This technical note is now available to download from their Technical Notes Archive on the CPNI public website (no registration required) and whilst aimed very much at CNI (critical national infrastructure) providers, it should be interesting to anybody looking at using virtualisation.

it is also interesting to see that even though this document is only a few months old, the technology has moved forward in leaps and bounds making some of the observations seem odd.

So download the document, have a read and do with it as you see fit. It is their for everybody’s benefit and even if you only take one thing away, it’s been worthwhile:

Direct download link:

CPNI – Security considerations for server virtualisation

CPNI Technical Note 1/2009 – Security Considerations For Server Virtualisation (Local Copy)

Paranoid americans & pirates

Earlier this year I wrote about wide open networks which are really just networks without firewalls where the security is handled at a device level and where all traffic between all devices is encrypted.

Well it looks like a bunch of paranoid americans together with a whole bunch of software pirates might just take this one step closer to reality sooner rather than later.

Continue reading Paranoid americans & pirates

Infosec 2008 – Is that it?

I managed to miss the Infosec event in London last year due to HP having their Technology@Work event in Berlin the same week (it was a tough call) so this years event was a chance to catch up on what’s new.

So today saw me heading off to Olympia in West London to see what’s new in the world of information security and I think the answer is “not much”.

Continue reading Infosec 2008 – Is that it?