Articles

  • Book Review: HEAT

    HEAT is a not particularly well-known book by Arthur Herzog, published in 1978, which I first read around 1980. This book made quite an impression on my (much!) younger self, and having unearthed it from a dusty bookshelf I gave it a fresh read. Herzog’s better-known works include Earthsound and The Swarm –…

  • Whatever happened to “Defence in Depth”?

    Today starts with reading about a couple of very old-fashioned exploits from earlier in the week. So very old-fashioned that one is left thinking “Really?” Hard-coded default credentials. Are we back in the 1990s again suddenly? A short, maybe slightly rant-y item here today. Critical default credential bug in Kubernetes Image Builder allows…

  • Security Theatre: Rage, rage against the dying of the light.

    If there is one thing guaranteed to annoy me, it is SECURITY THEATRE: things which are done in the name of security but have little if any actual value because of the naïve way in which they have been implemented. Sometimes this is because of lack of thought or actual naïveté. Sometimes it is through…

  • Non cogito, ergo non sum…?

    Every now & then something new and exciting-looking comes along. And it isn’t always obvious, without looking into it dispassionately and in great detail, just how revolutionary it really is. Or isn’t. Blockchain, for example, was supposed to solve all manner of problems. Many specialist blockchain companies sprang up. Some of them even still exist,…

  • Password Guidance from NIST

    At the end of August 2024, NIST issued a new draft revision of its Digital Identity Guidelines (SP 800-63). Of specific interest are its recommendations around passwords (in SP 800-63B), because they conflict with what many organisations actually do, and address a few bugbears of mine. Even with widespread adoption of Multi-Factor Authentication (MFA), passwords are not dead & buried yet.…

  • Complexity: enemy of Security

    There is a lot to be said for the old maxim of KISS: “Keep It Simple, Stupid”. The complexity of modern systems often masks flaws that the creators of those systems do not notice, especially when several separate systems interact in complex ways. But someone may find them eventually, and if you’re lucky then it…