Archived news and comment from 2017.

Please note: Because this is an archive of articles published on the BladeSec IA website in 2017, not all links may work.

Comment: 2017/12/24 - Merry Christmas.
It's that time of the year where we need to take this moment to wish all our friends, acquaintances, clients and associates a very merry Christmas from everybody at the security shed.

Comment: 2017/12/20 - Domestic Travel Advice.
We've done it. With thanks to our friends in the security and intelligence communities who help us keep it up to date, we're delighted to present a PDF of the current 2017 version of Domestic Travel Advice. Merry Christmas!

Comment: 2017/12/15 - The NCSC Risk Management Collection.
NCSC has just published some long awaited guidance on risk management.

Comment: 2017/12/05 - Password use.
This is unhelpful, but at what point is the ICO an arbitrator of computer misuse? Clearly, ahead of GDPR, the ICO is looking to widen its scope.

>ahem<

Comment: 2017/12/04 - The Kaspersky Konfusium.
This doesn't feel right. At what point do former police investigators think that it's okay to tell stories out of court?

Comment: 2017/12/02 - Damian Green pornography allegations.
This isn't entirely representative of the (oddly) open letter to the perm secs or the actual guidance.

Do you notice a parallel here?

Comment: 2017/11/29 - Apple have taken their eye off the ball....
There are a number of stupid, annoying flaws in autocorrect in the latest iOS 11. But, it appears that Apple have really dropped the ball with the latest macOS 10.13 (High Sierra) update.

The latest flaw makes it possible to log into an iThing with admin credentials simply by providing the username of "root". The workaround is to set a root password.

This comes hard on the heels of being able to recover passwords of encrypted volumes and dump the entire OS keychain - including plaintext passwords.

Does this raise questions over the quality of Apple software engineering? Especially when the flaw was highlighted as a feature a couple of weeks ago.

Comment: 2017/11/27 - Media round-up.
Here in the security shed, we've been very busy, and so we've missed a few interesting security snippets in the last month or so:-

  • It took a week for Apple's new Face ID to get hacked.
  • Flaw in Windows 8 Address Space Layout Randomisation (ASLR).
  • AWS have launched a dedicated cloud service for US Government spooks.
  • There's a (long overdue) new OWASP Top Ten for 2017.
  • Uber suffered a massive data breach - and then paid the hackers to delete the data.

Comment: 2017/11/20 - Domestic Travel Advice.
In the middle of 2014, BladeSec IA developed an internal policy that contained advice on travelling safely. It covered off different sorts of travel such as flying, public transport and driving. It included information on staying in hotels, exploring new places and preparing for travel. It proved to be so popular, that we made it available to friends and family - in order to help keep them safe.

Now, more than three years later, it's three times the size and is averaging two to three updates a year. The guidance always contained a section on terrorism, but it has taken a different slant in the last year to reflect the current modus operandi of terrorists in the UK.

It is our intention to publish either the Terrorism section, or (ideally) the whole text on-line before Christmas. There are some complications, but we are trying to work through them so that as many people as possible can get a copy of the guide.

Watch this space.

(And before anybody asks, the accompanying volume, Travel OpSec simply cannot be made available!)

Comment: 2017/11/19 - Malcolm Young.
January, 1953 to November, 2017.

News: 2017/10/27 - BladeSec IA on another framework.
BladeSec IA are delighted to announce that they have been successful in their application to appear on the Scottish Procurement - Digital Services - Dynamic Purchasing System, Lot 3 - Cyber Security Services.

The Dynamic Purchasing System is intended to support the Scottish Government's digital strategy.

Comment: 2017/10/19 - At risk period.
We're upgrading our mobile phones this evening, so we need to declare an "at risk period". Normal contact numbers may be briefly unavailable.

For those that are interested, we're ditching the well liked, but seemingly unsupported BlackBerry 10 OS and going to BlackBerry Android. We've been running the two in parallel for almost two years and it's obvious that the Android derivative is so much better supported with monthly patch bundles. It's been some months since BB10 got an update and as a security firm the position is untenable.

Comment: 2017/10/18 - Media round up.
It's been a while, so here are some very interesting recent developments:-

  • Subaru key fobs vulnerability.
  • Flaws in WPA2.
  • Potentially, much, much worse is the Infineon TPM flaw. Given the prevalence of HP and Lenovo laptops in HMG, it is worrying. Firmware patch page here.
  • SANS and NCSC have partnered to launch a new technical conference.

Event: 2017/10/12 - Security Risks - What's coming over the horizon?
ISACA event being managed by long term friend and associate, Rory Alsop.

Limited spaces left, but register here.

Rory and I are both speaking at a Cyber Career Development Event being held at Napier University, Edinburgh in November.

Also, registrations are also available to IISP members for the usual Scottish IISP Christmas Drinks. This year, is the first year that we've chosen to host them in Glasgow.

Comment: 2017/10/11 - Serious flaw in Outlook S/MIME.
When we were heading off to bed last night, we had got wind of a very serious flaw in the way that Outlook handles text S/MIME messages.

Comment: 2017/10/06 - We're back!
It's been a roller-coaster of a time - but we are back!

Blade Runner 2049: Wow! Rachel was special....

Comment: 2017/10/04 - Yahoo Hack.
Yahoo appears to have admitted that every single account under its control was compromised. Even now, they appear to be downplaying it.

Event: 2017/10/03 - IISP Scotland - The Hallowe'en Special - Reminder.
Just a reminder that there's still time to register for the annual Scottish IISP Hallowe'en Quiz in Edinburgh. It's on the 10TH of October at 18:00. It's being held in our new Edinburgh Venue, The Mad Hatter. (8, Torphichen Place, EH3 8DU. Nearest station Haymarket.)

I can confirm that the five rounds of questions are:-

  • The easy security round;
  • The hard security round;
  • The trivia round;
  • The horror round; &
  • The urban myth round;

There might even be a prize in addition to being recognised as an authority on all sorts of inane facts by your friends and peers.

Remember that this is a Tuesday and not the usual Wednesday.

As usual, the event is open to all information security professionals, whether members of the IISP or not and tickets remain free.

Admittance is strictly by pre-registration only. For Health & Safety reasons you must register, as we have to provide the number of attendees to the venue.

Please register here.

Hope to see you there.

Comment: 2017/10/02 - Rest in peace.
Tom Petty: October 1950 to October, 2017.

I always preferred Tom's style of music over that of his peers. I could take or leave Bob Dylan, Neil Young, or even Jimi Hendrix. I even liked his transition into The Travelling Wilburys.

Comment: 2017/09/28 - Deloitte Hack.
Accountancy firm Deloitte has been hacked. Seemingly, those involved had access to the internal network for some months, and rumour has it that it's compromised most (if not all) of the administrator accounts, and Deloitte's e-mail system.

Comment: 2017/08/25 - Going dark....
Whilst many readers of this weblog think it happens more often than it does, we will be going dark for most of September and possibly part of October.

Starting with a visit to the Home Office on the 8TH of September and subsequent citation to court (for the prosecution, ahem!), passing comment on information assurance is unlikely to be something at the top of my agenda. Hence, this site might not be updated until week beginning the 16TH of October.

Normal service for existing customers will not be affected.

Comment: 2017/08/24 - Dundee City Council worker convicted of fraud.
We've been undertaking extensive threat assessment work for one of our clients recently as a result of them wanting to migrate some sensitive criminal justice data into the public cloud. (Yes. It can be done safely!) But what is clear is that whilst there is a huge focus on cyber attacks, cloud security and GDPR, old fashioned insider fraud is actually still very profitable for the criminals - at least until they're caught.

In discussions with the National Cyber Security Centre regarding the same project, they agree with our assessment:-

  • IAM is of paramount importance, but segregation of duties needs to be watertight - so that, for instance, a developer who is able to commit code, cannot then promote it through the path to live and into production without suitable secondary approval and inspection.

  • The complexity of software managed infrastructure is a huge concern. Complexity is an enemy of good security and IaaS makes it easy to build incredibly complex networks. It is better to have a simple design and keep it that way.

Comment: 2017/08/24 - Planet Rock and geolocation.
Let's just say that the staff at BladeSec IA are all of a certain age. It's that age where Planet Rock never plays a song that isn't recognised and doesn't recall a story or situation.

Oddly, it stopped working this morning, and on further investigation, it turned out that despite our IP geolocation being set to Alloa, the CDN thought that we were outside of the UK and so it asked for a post code. Ignoring the fact that this can easily be faked, we put in the post code for the security cartshed, and the music started again.

About an hour later, I suddenly realised that I was listening to an advert about Childrens Panels in Scotland. Something that would have been entirely irrelevant to England and Wales.

Was Planet Rock serving up adverts based on my post code? Possibly....

On a similar note, STV Player clearly - and very annoyingly - serves up a different spread of adverts than on live TV. Those adverts seem to come from a much smaller pot, and so James Cosmo offering financial advice from his RBS benefactors is getting to the stage of being filtered out.

Comment: 2017/08/19 - Barcelona.
As I was going to bed, there were reports coming in that a van had been deliberately crashed into people in a popular part of Barcelona.

I woke up to news that about a dozen people were dead and dozens more injured. To me, it demonstrates how much Daesh are on the back foot that they have to resort to taking responsibility, for what appears to be an attack in their name rather than planned by them.

Once again, the fashion conscious driver was wearing a fake bomb belt. The press are reporting this as a deliberate ruse to dissuade armed responders from shooting them. Having previously worked alongside such a team, I should perhaps enlighten potential terrorists.

It doesn't work. You'll simply get shot in the head and generally, your closest relatives will be unable to identify you facially afterwards.

Think on that.

We are not afraid.

Comment: 2017/08/15 - The Scottish Government under brute force digital attack.
Following on from the attack against the UK Parliament, BBC News are reporting that the Scottish Government is also coming under attack.

Event: 2017/08/11 - Scottish IISP Branch Meeting - The Annual Hallowe'en Special.
BladeSec IA are delighted to announce that, a bit earlier than normal, we've released the tickets for the annual Hallowe'en Special.

Needless to say, it's so early, we don't know quite what format it's going to take this year, but undoubtedly it'll be the usual jolly japes and high jinks.

Register or see more information as it's added here.

Comment: 2017/08/04 - Marcus Hutchins (AKA MalwareTech) arrested at Black Hat.
The world isn't polarised into good guys and bad guys. Some good guys occasionally do bad things and sometimes bad guys can be heroes too. It'll be interesting to see how this pans out.

Comment: 2017/06/26 - Parliament under sustained digital attack.
Further to the news reports from Saturday, we have now learned that "up to 90 e-mail accounts were compromised on Friday". The Parliament issued this statement.

Comment: 2017/06/24 - Parliamentarians' logins up for sale.
The Times are reporting that Russian hackers are trading the login credentials for MPs, civil servants and police.

Comment: 2017/06/21 - IASME Hacked?
El Reg is suggesting that the Pervade Software platform used by IASME for the Cyber Essentials scheme has been hacked. We've not been told, and there's precious little in the press. There's nothing on the IASME web page or Twitter page.

If it's true, it's really not a good advert is it?

BladeSec IA will shortly be renewing our Cyber Essentials certification, but it's unlikely to be with IASME.

Comment: 2017/06/20 - Finsbury Park Mosque.
Once again, the UK has woken up to details of another terrorist attack. This time, a van was driven into people walking near Finsbury Park Mosque after tarawih prayers.

I had a friend that was married at Finsbury Park Mosque. The celebration - held at London Zoo - immediately afterwards was one of the most multi-cultural events that I had ever attended. I was very proud to see my friend and his fiancé married that day. My wife and I were accepted warmly by the Asian families that day.

Jump forward to the present day, and this latest attack shows a complete ignorance of the interfaith work of the Mosque and the tolerance of Islam.

We are not afraid.

Comment: 2017/06/05 - London Bridge and Borough Market incidents.
It's been some time since the UK faced a similar period such as now. In those times, it might have been Irish-related terrorism that was the main harbinger of horror, but events over the weekend show a different side to current times.

It was bad enough to target children in Manchester, but the three individuals responsible for the latest incident decided to wear fake bomb vests. They wanted the image without the effort. Since when did "terrorism" become a pathetic fashion statement?

The police responded, "robustly". Eight minutes after the first 999 call, the three perpetrators had been killed in a hail of fifty rounds.

Seven people died that night at the hands of three idiots that should have been at home breaking their Ramadan fast with their friends and families - had they been true Muslims. Instead they pretended to be freedom fighters and stole the lives and futures of seven innocent people.

We're still not afraid....

Comment: 2017/06/02 - Not quite an at risk period.
This weekend sees our office move to a historic part of Dollar. We're doing this to get better access to Glasgow and Edinburgh.

We don't expect there to be any customer facing technical issues (and indeed, the new FTTC DSL is already in and functioning), but we thought we'd better mention the office move. Customers will receive notification of the new address and contact details shortly, if they haven't already been told.

Comment: 2017/06/01 - Edinburgh University E-mails.
This would be quite funny if it wasn't so serious. Something about the response doesn't add up. A system error that ties up the registration for a graduation ceremony with the number of credits a student has attained. It's been a while since I worked in tertiary education, but that seems to be in breach of my "just because we can, doesn't mean to say we should" rule.

Busy week this week!

Comment: 2017/05/31 - Another blow for the US Intelligence community.
Something about this doesn't feel quite right. But hey ho. Cloud's great isn't it?

Comment: 2017/05/28 - End of at risk period.
The migration to G Suite went okay. There's some "nuances" that we're still working out, but normal service has been restored.

The Register has an interesting discussion on the Investigatory Powers Act 2016.

Comment: 2017/05/26 - At risk period.
This weekend, ahead of our office move next weekend, we're migrating our e-mail to some new cloud technology (Why is IMAP functionality in Outlook 2013 so rubbish?). For that reason, we are declaring this an "at risk period". It is feasible that for the next 48 hours, e-mails to the bladesec.net domain may bounce. Customers on 24x7 contracts should use the secondary communication channel as the primary until 08:00 on Monday the 28TH.

Comment: 2017/05/25 - The "Judy" malware.
Check Point have released an advisory and analysis of a recently discovered form of Android malware. The interesting thing is that this appears to have gone unnoticed on Google Play Store since 2016.

Comment: 2017/05/23 - Manchester.
Once again, the UK went to bed, or woke up to news of a horrific terrorist attack at an Ariana Grande concert at the Manchester Arena.

At the point Daesh thinks that it is acceptable to raise its strategy of horror by attacking a concert by a singer that appeals to young girls, it shows that it's already lost. The forbearance exhibited by people all over the world, in the face of Daesh attacks, will not change.

We are not afraid....

Event: 2017/05/15 - IISP social and networking evening - Edinburgh, Scotland.
Open for registration from non-members at our new Edinburgh venue!

Comment: 2017/05/15 07:40 - WannaCry Ransomware Worm - Update 6.
Piers Morgan has responded in a particularly narrow minded manner. He has no concept how complex computer networks are, and the political intricacies of the situation. Undoubtedly, he'd be the first to cry foul if he discovered that there is more spent on IT in the NHS than on cancer care. Guess what? This is not black and white.

This was an entirely predictable situation that was beaten by the number of security professionals (on CiSP and other places) working together, over a weekend to limit the impact.

Guess something else.... it'll happen again. Anything that is man-made has minute flaws that show its hand-crafted nature. Anything that's man-made is exploitable. It's about staying one step ahead of the bad guys - and sometimes we get it wrong. And sometimes those that should be protecting us get it wrong.

Comment: 2017/05/14 15:40 - WannaCry Ransomware Worm - Update 5.
Well done to the security researcher / idiot who simply hex-edited the file to produce a new variation. It's not in the wild, but it's on VirusTotal.

Comment: 2017/05/14 12:40 - WannaCry Ransomware Worm - Update 4.
Most of the press that I've seen are reporting this wrongly. This is not entirely a result of using Windows XP. This is a result of the NSA stockpiling vulnerabilities, and then not keeping them secure. They get stolen and the resulting vulnerabilities are weaponised.

The fact is that MS produced a patch in March. The issue that many organisations haven't rolled it out despite being halfway through May isn't entirely unreasonable. Every organisation has complexities, nuances and issues.

Comment: 2017/05/13 09:30 - WannaCry Ransomware Worm - Update 3.
Microsoft have released a patch for Windows XP. This is unprecedented.

Comment: 2017/05/12 23:30 - WannaCry Ransomware Worm - Update 2.
A security researcher has declared that it has a kill switch sinkhole domain. I'm not going to list the domain as it's compromised, but this doesn't read like a kill switch. It's a "go-switch".

The code for the worm is not well written. It's using a zero-day disclosed by the ShadowBrokers as part of the alleged NSA stockpile. It's been written quickly and badly. The infections that we're seeing now could simply be devices who for one reason or another have been unable to see the sinkhole.

Was this designed to specifically take out the NHS on a Friday afternoon? Unlikely, as Spain (and specifically Telefonica) was the first to report, but this looks like it is going to get much worse before it gets better.

The great thing about the NHS is that they care less about confidentiality than integrity or availability. Encrypting files suggests that the data hasn't been stolen, but it's hitting availability harder than anything.

Comment: 2017/05/12 21:40 - WannaCry Ransomware Worm - Update 1.
More analysis suggests this is spreading through open SAMBA shares virulently. There is speculation that this is caused by individuals using unprotected public access WiFi spots and then bringing their laptops back inside the corporate network.

Comment: 2017/05/12 20:40 - WannaCry Ransomware Worm.
So this is bad. Short answer: Install the patch for MS17-010 and disable SMB v1. Block the SMB ports (TCP 139, 445 and UDP 137, 138) on security enforcing infrastructure. Do not present a SAMBA share to the internet.

There's some good analysis here.

At the minute, it's unclear whether the initial delivery is by brute forcing an RDP session or a compromised Office or PDF document.
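The three mitigations in the short answer above, as a host-level audit-and-apply script. This is an added example and not code from the BladeSec IA post: it assumes Windows 8.1 / Server 2012 R2 or later (for the SmbShare and NetSecurity cmdlets and the SMB1Protocol optional feature), an elevated PowerShell prompt, and that the KB list is a placeholder to be filled in from the MS17-010 bulletin for the OS build in use. The firewall rules here are the host equivalent of blocking the ports on the perimeter; they do not replace it.

```powershell
# Added example, not part of the original post: check for the MS17-010 patch,
# disable SMBv1 (server and client side) and block inbound NetBIOS/SMB.
# Assumptions: Windows 8.1 / Server 2012 R2 or later, run as Administrator.

# PLACEHOLDER: take the KB number(s) for this OS build from the MS17-010
# bulletin. Later cumulative rollups supersede them, so treat a "False" result
# as "check Windows Update history" rather than as proof of exposure.
$Ms17010Kbs = @('KBxxxxxxx')

function Test-Ms17010Installed {
    # True when any of the listed hotfix IDs is present on this host.
    $installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
    return [bool]($Ms17010Kbs | Where-Object { $installed -contains $_ })
}

function Get-Smb1Status {
    # Server side: the SMBv1 switch on the LanmanServer service.
    $server = (Get-SmbServerConfiguration).EnableSMB1Protocol
    # Client side: the legacy SMBv1 optional feature (mrxsmb10 driver).
    $feature = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol).State
    [pscustomobject]@{ ServerSmb1Enabled = $server; ClientSmb1Feature = $feature }
}

function Disable-Smb1 {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    # Removing the client feature needs a reboot to take full effect.
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
}

function Block-SmbInbound {
    # Blocks TCP 139/445 and UDP 137/138 from any remote address. On a file
    # server that must still serve SMBv2/3 to the LAN, add -RemoteAddress with
    # the internal ranges to the allow side instead of blocking everything.
    $rules = @(
        @{ Name = 'Block inbound SMB (TCP 139,445)';    Protocol = 'TCP'; Ports = @(139, 445) },
        @{ Name = 'Block inbound NetBIOS (UDP 137,138)'; Protocol = 'UDP'; Ports = @(137, 138) }
    )
    foreach ($r in $rules) {
        # Idempotent: only create the rule if it is not already there.
        if (-not (Get-NetFirewallRule -DisplayName $r.Name -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $r.Name -Direction Inbound -Action Block `
                -Protocol $r.Protocol -LocalPort $r.Ports -Profile Any | Out-Null
        }
    }
}

# Audit first so the before/after state is on record, then apply.
"MS17-010 hotfix present : $(Test-Ms17010Installed)"
"SMBv1 before:"; Get-Smb1Status | Format-List
Disable-Smb1
Block-SmbInbound
"SMBv1 after:";  Get-Smb1Status | Format-List
```

Run the audit half on its own first across an estate (the two Get-* functions are read-only) to find hosts still exposing SMBv1 before pushing the Disable/Block half through your configuration management.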

Comment: 2017/05/12 - Malware.
I was originally going to mention the dodgy Conexant audio driver that has silently been keylogging everything on a number of HP laptops to "c:\users\public\MicTray.log". It was even mentioned on the news on Planet Rock. As I type this, the various security channels are full of material relating to a variation of WannaCry attacking the NHS.

Off to investigate.

Event: 2017/05/03 - IISP social and networking evening - Edinburgh, Scotland.
The Scottish Branch of the IISP are delighted to announce that following a short break, we're back in Edinburgh at a new venue on the 13TH of June.

The registration for members is live. Non-members will have to wait until the 15TH of May to register. Please note that this event will be held on a Tuesday rather than a Wednesday. We're inhabiting the downstairs room of The Mad Hatter, near Haymarket.

More information is at the usual place.

Comment: 2017/05/03 - Google Docs Attack.
Google never thought to block a third party from calling their application "Google Docs". As a consequence, if you get an e-mail containing a link to a Google Doc, don't click the link. It's a very sophisticated attempt to give fraudulent access to your Google Account. There is some speculation that it's a targeted attack against journalists, however we had a number of phishing attempts here at BladeSec Towers.

Comment: 2017/04/29 - ICO Fines.
We've been working closely with NCC Pen Testers recently, who highlighted this facet of information. The gist of it is that under GDPR, the fines charged to UK businesses would be 78 times as much - a total of £369 million. Ouch!

Comment: 2017/03/23 - Westminster, London.
My family and I came back from London last week. We had been down to see Loreena McKennitt at the London Palladium. I do recall, there was one point, whilst on a tube train, where it crossed my mind, what if? My internal risk assessment concluded that we had been too lucky for too long. The same risk assessment concluded that statistically, crossing the road remains far more dangerous.

This doesn't help those that were caught up in yesterday's tragic events and our deepest sympathies go out to their families.

At this dark time, remember one thing: In the moments after the attack, dozens of people ran in to help strangers with no thought for themselves. On the other hand, it was a single, sad, lonely individual who tried to break our spirit.

We are not afraid....

Event: 2017/02/23 - IISP Personal Development and CCP Briefing - Edinburgh, Scotland.
The Scottish Branch of the IISP were delighted to hold their biggest event so far. Hosted by the 5TH Military Intelligence Battalion in Edinburgh, the personal development event incorporated the first ever CCP briefing north of the border. This was regarded as a coup by the branch chair as it was also the first since the creation of the National Cyber Security Centre.

An exceptionally strong team of speakers was fielded on a variety of topics. The first speaker, Marie H-W, the accreditation manager, is well known to the IISP community; she spoke about the Institute and CCP in general as well as some of the activities that the members never get to hear about. NCSC spoke next about the value of CCP, its future and how it will develop. Changes in the IISP Skills Framework and the Knowledge Framework fell to Pete F to discuss.

Following coffee, the topics became slightly more generalised including insights into securing agile developments from Paul C of the Scottish Government and the magnitude of cybercrime from Eamonn K of Police Scotland.

The briefing was exceptionally well attended, with little room for the guests from the Intelligence Corps who also attended. The afternoon ended with the distribution of packets of shortbread and bottles of whisky to the speakers. It was just a shame that the majority of them were flying, and had no hold luggage. This meant that the whisky could only come in one size - miniature!

The feedback has been universally positive and there has been some talk of repeating it next year. Perhaps when the Scottish Chair has recovered!

Event: 2017/02/08 - IISP Personal Development and CCP Briefing - Edinburgh, Scotland.
The Scottish Branch of the IISP is delighted to announce the first ever Personal Development and CCP Briefing, to be held in Edinburgh, EH7 on Wednesday, 22ND February from 14:00 until 18:00.

Whilst the venue and the identity of the presenters currently remain under embargo, if you hold the CESG Certified Professional qualification, we know that you will want to attend, with representatives from NCSC and the IISP coming to speak about the future of the qualification.

Other speakers include representatives from Police Scotland, the Intelligence Corps along with one or two surprises. We hope to participate in one or two shenanigans too - all of which will provide delegates with CPD points!

Due to the anticipated high demand for the event, this is open to IISP members only.

Please register at the usual place.

Comment: 2017/02/07 - Hacking the Cracker.
We know that in January, a hacker broke into Cellebrite's network and stole approximately 900 GB of data. Cellebrite admitted as much.

Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones.

On a completely unrelated note, this is a fascinating read.

Comment: 2017/02/06 - Data held by US companies.
A new development. And a very scary one for out-sourcers. Google plans to appeal.

Comment: 2017/02/04 - Interesting analysis of FaceBook's collection of data.
A new article that appears to be well researched.

Comment: 2017/02/03 - Protecting information across government.
So. This is doing the rounds in the news today.

There are a variety of different ways of reading it - depending on your own views.

When does the revolution start?

In a slightly unrelated note. I found this very funny.

Comment: 2017/01/01 - Privacy Shield Vs POTUS.
There's been some speculation that one of President Trump's Executive Orders may have significantly adversely impacted on the fairly new Privacy Shield.

One good, legal view is here.

Comment: 2017/01/31 - Another physical cyber-attack.
A luxury Austrian hotel has been hit by a "cyber-attack" that apparently prevented guests accessing their rooms.

News: 2017/01/27 - Digital Marketplace.
BladeSec IA Services are delighted to announce that they have been successfully listed as a supplier on the "Digital Outcomes and Specialists 2" framework run by Crown Commercial Services.

Director, Owen Birnie said, "With the demise of the CLAS Scheme and the slow uptake of the replacement CESG Certified Cyber Security Consultancy, we were always keen to get more cost-effective ways to market. The Digital Outcomes and Specialists Framework appears to meet this requirement and will allow our public sector customers an efficient method to engage with us."

More information on the framework is available here.

Comment: 2017/01/26 - Unsecure Android and the American President.
The New York Times published this story, that the media (WIRED story here) have taken to conclude POTUS(*) is using an unsecured Android mobile phone.

A more down to earth analysis from Bruce Schneier.

--

(*)POTUS - The President of the United States in Twitteresque.

Comment: 2017/01/20 - The end of the PSN.
I think that it's fair to say that we've been predicting this for quite some time. I guess the GCN carriers must be fuming. And what about the Police? There are interesting rumours going around about them. Not to mention what's going to happen to SWAN.

So in the medium term, all the segregation that (particularly) local authorities undertook to keep the PSN away from schools, social workers and (a long time ago) courts can be undone. What about those organisations who provide PSN services? They'll have to architect yet another new network topology to get the benefits? What if they've hardcoded in PSN IP addresses?

Whilst most will welcome the end of the PSN, untangling the knots of years of GSI, GCF and PSN compliance won't be easy.

And on the other side: What about those poor security people whose only hope of getting any investment was when they said, "We need it for the PSN otherwise we won't be approved"? Will this lead towards a general weakening of defences in the public sector, who are already struggling to maintain budget approval?

Perhaps another double edged sword?

Comment: 2017/01/19 - Cybercrime figures in England and Wales.
This is fascinating reading. I wonder if we would ever get something similar north of the border?

Comment: 2017/01/18 - Detecting Android malware.
An interesting story on The Register.

Comment: 2017/01/13 - Backdoor in WhatsApp.
The Guardian has reported that WhatsApp has an NSA installed backdoor.

This is a good piece on why it's not.

Comment: 2017/01/03 - Never underestimate the powers of large numbers of stupid people.
I just wanted to clarify our tongue-in-cheek statement about the number of stupid people we had encountered whilst working in our "happy new year" post.

We would never call our customers stupid, but in the last three years, whilst on engagements, we have had to highlight to the BladeSec IA management team three occurrences where we've had to seek advice on how to proceed.

The first was during a procurement where we were asked "just for a quote with a number of days and a cost". We provided a bit more than that (taking two days to generate the proper proposal for the work), and yet we failed to get the job because the preferred bidder had some obscure qualification that was irrelevant for the job and wasn't listed under the evaluation criteria. Had we known it was required, we could have addressed it, but it was not asked for and just demonstrated that the procurement exercise was a fit up. If the individual had been honest, we would have been happy to provide a short-form quote. That way, they could fulfil their "three competitive quotes" criteria. It would have saved us two days of work too.

The second (and indeed third) was a MoD contractor who asked for a pre-sales meeting to discuss how to accredit a cloud solution for a military system. It's something that we're familiar with, and so we met, had coffee (which we paid for), gave them some advice, highlighting the benefits that engaging with BladeSec IA could bring to the whole scenario. Two weeks later we received an e-mail from their legal department asking us for details of our indemnity insurance - despite the fact that there was no contract.

Apparently, the individual concerned had gone back to their boss, and cited our advice as gospel. As part of a data transfer (something that we'd never discussed!) to the cloud there was a small data loss. The individual then tried to blame us as we had failed to disclose this requirement. Whilst not wishing to alienate anybody, that took a few meetings to sort out - and I'm pleased to say that they agreed that liability did not rest with us.

So that was the second stupid individual. The third instance was when he phoned asking for another pre-sales to discuss a "big contract". I don't often hang up on potential sales calls, but I did that day.

No customers were harmed in the writing of that statement!

Comment: 2017/01/01 - Happy New Year!
Once again, as the clock ticked past midnight, BladeSec IA Services became another year older as we celebrated our fifth birthday.

That means that it's time for our irreverent look at the last twelve months:-

  • Miles to closest job: 200 yards.
  • Miles to farthest job: 618.8 miles.
  • Largest number of miles covered in a single job: 1453.6 miles (still at no cost to the customer!)
  • Number of products sold: Nil.
  • Number of different BladeSec IA services sold: 3.
  • Amount of money received for anything other than consultancy: £nil.
  • Number of customers assisted in the last twelve months: 6.
  • Number of individual projects worked on: 27.
  • New customers: 1.
  • Number of tenders submitted: 2.
  • Most interesting place visited: Probably still Edinburgh Castle!
  • Value of donations made by BladeSec IA to support good causes: £680.
  • Number of stupid people encountered whilst working: 3.
  • Number of times the BladeSec IA management team watched the leader for "The Grand Tour": 8.
  • Number of times we've explained that we do more than "cyber": 1,000+.