All posts in Awareness

deutschlandfunk

old time radio
At the end of last year a friend gave my contact information to a radio producer with an interesting project. She wanted to learn as much she could as you can from a person through different means:

  • Getting his writing analyzed
  • Getting his voice analyzed
  • Using a private detective to follow him for a couple of days
  • And of course the digital perspective (which is where I tried to pitch in)

Basically we had a target (which gave us written permission to hack him and his systems) and the idea was to go, collect all the information we could from his online presence, hack any of his accounts and / or his personal computer. One of the things we had in mind, was since “the Target” was one of the producers, is that we didn’t want to kill any of his devices.

Keep Reading →

Workshops in Cologne

I’m going to be giving to workshops in Cologne in July, with what I think are really fun topics: WordPress Security and Hands-on security for beginners.

So embrace this opportunity to learn some hacking or security for a one time only startup friendly price

Keep Reading →

Launch of Practical security

This is a topic that I have been thinking about for a long time and finally started creating some content for it. The idea is to create a series of posts, workshops and presentations that will help create security awareness at many levels. The topics will go across the board but I will be starting with those I think will have a greater impact in reducing the amount of low-hanging fruit out there.

Keep Reading →

Social over-sharing

Image from www.avgjoeguide.com

In some parts of the world over-sharing or just sharing information about you, your life-style and family can be really dangerous. There are many types of information one can over-share on the Internet, typically on social media sites like Facebook, Twitter, Google+ or Foursquare :

  • Personal information, for example: name, maiden name, birthday, schools we attended, who are our friends and family, pictures.
  • Geo-location or location information: this information tells people where you are and where to find you. Keep Reading →

Smart phone / mobile phone tracking and privacy

The first hand-held mobile phone was demonstrated by Motorola in 1973 and since 90s, mobile phones have become one of the technologies that have the biggest impact on the way we live. Cell phones or mobile phones have reached an impressive 96.2% of the world population and have penetrations rates of over 100% in developed nations. This information technology has spread faster that any other, including TV, Radio and the Internet. Can you remember how we lived before cellphones?

Keep Reading →

Implementing effective controls: Venezuela to block stolen mobile phones

Even though a don’t agree with many of the decisions and laws created in Venezuela, I think this is great example of implementing a control for a big risk. Keep Reading →

What is X in English please!

Reading through the Red Hat Magazine I found an article with something of a Dejavu: user awareness and “education”. I’ve read it, heard it and said it a billion times; if we can’t make the users aware of the risks that they are exposed to on a daily basis, of some basic concepts, we are all screwed!. I bet all of you have lived at least once to be sitting in an class room, auditorium, web cafe or any other place and the guy or gal next to you just smacks you with the most basic of questions: What is X? in English please! That’s the moment when one of two things happen:

  1. You turn around and look at him with anger and think what the hell is this specimen doing attending this class/talk/presentation/name it?
  2. You remember about that user awareness thing you’ve read about in so many articles and books before , give him a short answer and after it’s all over you try to break this poor soul the basics

As I stated before if we can’t make the users understand a bit of how a computer works, if we can’t help are colleagues, family & friends get the basic concepts of the machine and the network they have at fingers it’s a fight we cannot win. That is because the “bad guys” are going to target them and they are just to many. So when ever you get 5 minutes to work as a multiplier, to break some basics to your users, or better yet are in position to start program in the office do so. The world and all fellow security / technology savvy people will thank you.