The IoT Security Time Bomb has gone off

For mobile, security had been a topic long before it was a real issue. For IoT, everything went a lot faster. Plus, the problem is a lot bigger, at least in terms of “global” impact, on the internet in general. (While mobile remains the bigger issue for personal security. Luckily, not everybody is at a high risk of becoming a victim of highly targeted attacks, like Ahmed Mansoor.) Actually, IoT is shattering records.

Continue reading

Enabling instead of Blocking – How Etsy’s approach to Security is Different

Stefania Druga, one of my fellow-attendees of “Code as Craft: Crafting an Effective Security Organisation”, a talk given by Rich Smith, Director of Security at Etsy (on Tuesday at Etsy’s Berlin offices), already has written a post about it. Since she has done a good job summarizing several of the key points of the talk, you can get a good idea about the content as a whole from her post and Rich’s slides. I want to focus on one single aspect that stuck to my mind after the talk.

Continue reading

How To: XMPP OTR Chat with Pidgin

As a short follow-up to my Cryptoparty event post, here a short explanation on how to get started with XMPP (Jabber) OTR chat with Pidgin, to spread some (very basic) knowledge. I deviate from the advice given at the Cryptoparty, because I did not use Jitsi, but rather Pidgin. The reason for not using Jitsi is simply that my brother advised me not to use it, as it is build with Java. Therefore, I reverted to Pidgin, a messenger client I already used before, not so long ago. We did not go into the other steps at this Cryptoparty, so I am not sure in how far they conform with the advice that is usually given there on that. Anyways… Let’s get started!

Continue reading

(Berlin) Events: Speech Party & Cryptoparty

Quite a few event-related posts on here lately – but this time at least, I want to recommend two useful and educational kinds of events, not merely fun or entertaining ones. By coincidence, despite otherwise not having that much in common, both have “party” in their name, which really might make you expect something that is primarily just entertaining, however, in these cases, it’s misleading. I attended both a Speech Party and a Cryptoparty in Berlin this week, both are also happening in other places though (hence the Berlin in brackets, in the title). Both are regular, reoccuring events (hence no date in the title).

Continue reading