Last month we released an alpha version of cr-gpg. This is a simple Chrome extension to enable gpg functionality in gmail (or Apps for Domains). (If you don’t know what gpg is, you should first read this and this.) Installation : You can grab the extension from [here] and a double click should install it , after the install is completed you should see the image above if you navigate to chrome://extensions : Options : Once you have installed the …
Year: 2011
For the first time in a decade I didn’t attend BlackHat USA in Las Vegas. I learned that South Africa in August is much colder than i recalled, but also had the chance to observe the conference from through a twitter-lense. It seemed as if there was more talk about parties, than content so I decided to grab all the tweets i could (#blackhat through the twitter search API) to do some simple grouping*. Whats clear straight off is that …
(because we can’t have enough posts with exclamation marks in them) Our previous post (and research) seemed to go by pretty silently initially and then suddenly was everywhere. Andy Greenberg wrote a piece over at Forbes which really does deserve special mention. Tech journalists so often sensationalize security stories that many security researchers are quite afraid to even talk them. I certainly was, but his piece was fair, balanced and covered all the interesting points. +1 to him. The Forbes …
(aka: Shoulder Surfing: There’s an App for that!) We rarely talk about it these days, but shoulder surfing is a pretty old (but reliable) attack. This is why most password prompts are masked. Many modern mobiles (and tablets) however will highlight keys pressed on the keyboard making old style shoulder surfing attacks trivial (and reasonably automatable) again. In an effort to (help) bring back the 90’s we decided to do some fiddling and built a quick app(on top of the …
We recently released a tool at http://cc.thinkst.com to capture and collect infosec conference details. We commented on it [here]. One of the cooler components of it, is the ability to view the relationships between speakers/researchers who have collaborated. This post is a quick introduction to the library we used to build our graphs, with enough info to get you up and running in minutes. As I mentioned, we use ArborJS library which is a a graph visualization library using web …
In February this year we launched ThinkstScapes as a Security Intelligence subscription service. It was originally aimed chiefly at adding context & clarity to newly published research and conference proceedings. The subscription also catered for periodic updates and commentary via “Ad Hoc” updates. We just wrapped Quarter-1, so figured a quick round-up of Q1 would make sense. Interestingly the adhoc updates turned out to be quite popular with customers (forcing us to pay far more attention to them) and in …
I wrote a piece for Al Jazeera on cyber-war, asymmetry and the recent news around possible military reprisal for cyber attacks. You can read the full piece [online here.] …
*oops* We forgot to mention that we updated iTried in the App Store. (iTried is the tiny app that takes a photograph on your Mac whenever the screensaver is disturbed). The new version will allow you to post the pic to twitter whenever it takes one (or whenever it can) which gives you 2 cute possibilities: The ability to remotely see who has been at your Mac The all important ability to track you own haircut over time ;> Check …
We wanted to quickly announce the availability of http://cc.thinkst.com (a resource in need of it’s own domain & a better name.) CC is a simple application that aims to give us a single point where one can search and browse infosec conference talks and materials*. Quick OverviewOne of the cool things about having all of this data in a central db is that we are just as easily able to search by topic (http://cc.thinkst.com/searchMore/foo/) as we are by speaker (http://cc.thinkst.com/searchMore/halvar/)Finding …
The folks over at the Infosec Network have recently started doing interviews with security researchers. They have interviewed some real rock stars so far ([Charlie Miller], [HD Moore], [Joanna Rutkowska], [David Litchfield], [Matthieu Suiche], [Dan Kaminsky], and [Jeremiah Grossman] ) so i was pretty flattered when they asked me.. My interview is up [here] complete with dodgy photo and embarrassingly bad answers.. …