Stories by Anthony Caruana

Crypto won't save you

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures and security usability. Given that he was part of the team that wrote the popular PGP encryption package, you'd expect that he'd put a lot of trust in crypto.

Anthony Caruana | 30 May

Are we gambling with TCP/IP

At AusCERT 2014, Verizon's Marcus Sachs posed the question – "Are we gambling with TCP/IP?" Think about it. In the late 1990s there was a protocol war in progress, but in a few short years Token Ring, NetBEUI, AppleTalk and the others all disappeared to be replaced by the protocol of the Internet.

Anthony Caruana | 30 May

Security in a post NSA era – it's a head game

Stefan Schumacher is head of the Magdeburg Institute for Security Research and is currently running a research programme about the psychology of security. At AusCERT 2014, he told the audience that Edward Snowden's NSA leaks have removed any lingering doubts about a totalitarian surveillance of the Internet.

Anthony Caruana | 29 May

iVote – strategic threat intelligence approach to e-voting

Imagine taking one of the most important business processes within your business, making a revolutionary change to it and having to convince everyone that the process they’ve relied on isn’t nearly as perfect as they thought. That’s a challenge that was faced by Ian Brightwell, the CIO of NSW Electoral Commission.

Anthony Caruana | 22 May

Incident response lessons learned from 100 compromises

One of the great challenges of incident response is knowing what the best course of action will be before you start reacting in anger during a security incident. Who should you notify and when? At what point should things be escalated to a more senior level in the business? Should you shut down systems or delete virtual machines?

Anthony Caruana | 22 May

Can FIDO bring biometrics to consumers?

Information and system security is a complicated business that comes down to a few very basic concepts. Issues of trust and identity are central to effective information and system security. The trouble is, we often struggle to understand what these two things mean and have an even harder time trying to prove them.

Anthony Caruana | 22 May

AusCERT's entertaining speed debate

Nine debaters, six topics and a witty moderator keeping everyone in check – that’s how it works at AusCERT’s annual speed debate. Three of the nine speakers get to speak in the affirmative for each topic with another three arguing for the negative. Why is it speed debating? Each speaker only had 60 seconds to make their point.

Anthony Caruana | 22 May

AusCERT 2014 award winners

AusCERT's answer to the Academy Awards was recently held in front of a packed room at the Royal Pines Resort at the Gold Coast. The event was hosted by popular radio and television personality Adam Spencer. The four awards recognised the achievements of individuals and organisations that made outstanding contributions to the Australian information security sector.

Anthony Caruana | 22 May

Infosec 2014: No win, no break even, no escape

The three laws of thermodynamics – “you can’t win, you can’t even break even, and you can’t even get out of the game” – can be applied to hackers who only have to succeed once and get access to one piece of data for you to have lost, said consultant Dan Klein at the AusCERT 2014 event.

Anthony Caruana | 22 May

Breach response is tied to big data

Scott McIntyre spent over a decade as the chief security officer for the oldest ISP and telco in the Netherlands. Now, he’s the chief security specialist for Telstra. His career has spanned Internet/IT security for nearly 30 years. He believes the Internet can be re-claimed by those who want to do good, and shouldn't fall prey to the creepy behaviour our headlines are being filled with.

Anthony Caruana | 22 May

AusCERT 2014 Kicks Off

Graham Ingram opened this year's AusCERT conference, the thirteenth, saying that the most obvious theme is that of losing trust in security. "Where are you? What's left?" he pondered.

Anthony Caruana | 15 May

Product review – Ironkey Workspace W500

One of the neat, often forgotten, features that was introduced with Windows 8 was Windows to Go. Windows to Go is a fully self-contained Windows installation that can be run straight from a USB stick. The benefit is that a worker can take their personal settings and preferences with them on a USB stick, plug it into a computer, boot from the USB device and be able to work from any computer.

Anthony Caruana | 07 May

Today's Approach to Security is Broken

Over the last month I've attended four international events that have had a focus on security. And there's one data point that ought to have every CSO, CISO and CIO out there worried. Despite more money than ever being spent on security – and the amount is increasing – the amount of money being lost as a result of security breaches is rising at an even greater rate.

Anthony Caruana | 17 Apr