I recently got embroiled in a discussion about NHS IT, and commented how people in the NHS need simple, cheap tools to help keep their head above water on maintaining systems, not necessarily complex security tooling. One practical example raised was website security, with a quick Google search revealing a number of websites under the … Continued
By the end of Friday, the first wave of the WannaCry Ransomware attack was over – a researcher (MalwareTechLab) had, in trying to gain further insight into the attack, inadvertently disabled its worst damage, preventing it “detonating”. The researcher wasn’t working alone – in fact, he was working alongside researchers all across the UK and … Continued
What do Points mean? All of our engineering team take part in our sales activity, and I’m unashamedly enthusiastic about this. It gives us real visibility of the market. It establishes a connection with our customers that’s hard to beat. Most critically, it forces engineers like me to keep thinking about the technology we build … Continued
Debugging is the method for finding and fixing bugs. Bugs are behaviours in a software system which are undesirable and counter to the programmer’s intent. You’d think, given the obvious importance of debugging in providing and maintaining quality software, that it’d be easy to find hundreds of good quality tutorials on the web to guide … Continued
A question was asked to us recently about the safety of email across companies, and it made us think that a more helpful way to answer this was not directly back to the person, but in an open way that might help other people to understand a little more about what happens when they hit … Continued
Yesterday LastPass issued a security notice. Surevine uses LastPass for some password management activities, including sharing credentials with some partners. Partners are advised: We are aware of the issue We have issued advice to all our LastPass users All our LastPass users were already using strong master passwords All our LastPass user use multi-factor authentication … Continued
RSA Conference – where the world talks security RSA Conference is one of the world’s largest conferences dedicated to security and information sharing, and there are ongoing events throughout the week to entice you in. At Surevine, we’ve put together our top 10 events not to miss at #RSAC 2015, so you don’t miss out! … Continued
Confused about what the technology behind the cybersecurity executive order means? Here are the top 10 things you need to know. 1 Trust Without its users’ trust, an ISAO (Information Sharing and Analysis Organisation) can only ever be a one-way medium, with information being published from the centre, and consumed by an unknown number … Continued
A little while ago, I wrote about some of the design principles of IMAP dating back 30 years. Since I recently came across a blog post explaining how slow SMTP is, it occurred to me there was plenty to learn from that too. Internet Mail is a really ancient facility. It dates back to 1971 at … Continued
The X.509 certificates used to prove server identity in SSL are changing, and it looks like many site administrators may be caught out due to a confusing error report in the latest browsers. SHA-1 digital signatures in SSL certificates are being phased out, and should be entirely gone by 2016 – but plenty of existing certificates … Continued