privacy
PwnPhone: Default passwords allow covert surveillance.
A few weeks ago, I was asked to observe an installation of several wireless access points & VoIP phones, with a view to making recommendations on how best to improve security while maintaining ease of deployment. It didn't take long for several trends to appear; chief amongst which was the use…
Paul MoorePrivacy & Password Managers: A Reality Check
Before we begin, let me preface this by saying... I actually quite like Steve Gibson. For all his faults, he often raises very salient points on a variety of topics, typically surrounding security products & services. During the latest "Security Now / TWiT" episode on 20/10/2015, Ste…
Paul MooreBehavioral Profiling: The password you can't change.
We're all familiar with the 3 basic categories of authentication. Knowledge factors (passwords, PINs) Possession factors (a software/hardware token - Yubikey/Google Authenticator/SecureID) Inherence factors (fingerprint, heartbeat, iris/retina scanning) While the vast majority of sites use knowledge…
Paul MooreRoboform Security Revisited: Lies, Deception & Misnomers.
You may recall, I recently published an article entitled "How secure is Roboform: The 5 Minute Challenge". Well, 6 months have passed and although there's been no official public response from Siber Systems, they have made a number of comments to journalists and customers by email/Faceboo…
Paul Moore