Saturday Night in London

It’s about 9:30pm on Saturday. I’m in a bar, on Hackney Road in London, that I simply stumbled upon while wandering around. It is an incredible place. It is called “The Natural Philosopher” and I heartily approve. It is an odd and slightly twisted cross between an old-fashioned Victorian study and a curio shop. I would take a picture – but this isn’t the kind of place you take a picture in. It’s meant not for Facebook check-boxing, but for people to sit and be in the moment. And here I am, in the corner, working away at the laptop. Better than trying to snap pictures though.

I haven’t written here for a long time.  But I dream about it.  I live a kind of guilt-driven life in some ways – how can I write here, when there are so many other greater priorities, outstanding commitments, all the things people are waiting for me to deliver?

But, sometimes the time is right.  My world is a lovely place, I have an amazingly balanced life, whereby I have good measures of intellectual stimulation, external validation, loving support, and independent exploration.  There are frustrations too, but there always are.

I think I will write here again soon.  There is so much to talk about, amazing changes and improvements in the identity world, pushed by sometimes surprising forces.  And I’ve started playing with the Arduino, so there is wonder there that I would enjoy sharing.

In the meantime, I shall enjoy this strange, unexpected, odd bar in a place I have always wanted to explore.  Even if I am the strange one in the corner with a laptop, the screen probably gives me an even more surreal look than the decor…

When your Empire has no Clothes

How many data points does it take to call something a trend?  With the hack and subsequent data dump of the internal files of Hacking Team, a company most of us never even knew existed until this week, the world is getting to see a very public examination of the naked inner workings of an organization. This is the second time I can think of this kind of hack occurring.  The first was, of course, Sony Pictures.

Some number of hackers have turned two different organizations inside out from a digital perspective, exposing even the mundane stuff for public ridicule.  And some of the most harshly ridiculed practices of all in both cases involved passwords and credentials.

In the case of Sony Pictures, the effect was acutely embarrassing.  Scores of Excel spreadsheets, detailing personal, business, and IT system passwords, with filenames like “website passwords” and “usernames & passwords”.   When Gawker writes an article detailing what morons you are,  you know it’s bad:  http://gawker.com/sonys-top-secret-password-lists-have-names-like-master_-1666775151

[Image: Sony Pictures password files]

In the case of Hacking Team, enough data was dumped not only for the obvious stupidity to come to light, but also for hashed passwords to be brute-forced and gleefully revealed in horrific detail on Twitter. The examples below are (a) a dump of the admin’s Firefox password manager, and (b) an Excel spreadsheet containing VPS credentials.

[Image: Hacking Team example 2]

[Image: Hacking Team example]

So, let’s assume that this ‘dump and roast’ trend is really a trend, and will continue. Perhaps it puts a little more personal skin in the game. We all get lazy. We all take shortcuts. But perhaps now there is a risk that all those shortcuts get dissected at a later date, with a very sharp scalpel.

Trying to look competent during examination by your Future Hacker Overlords.  It’s an odd thing to imagine as a security influence.  But right now, it feels like it might become a thing….