Friday, 25 March 2011

Fair warning

Wow. Where did Q1 go? Not on blogging obviously :-)

Well, after four years on one assignment I finally get to try something new from the end of next week. It's been a primarily fun and worthwhile four years and I've met some good people in that time (just in case any of my current colleagues are reading!) but it's been tough and I'm looking forward to a new challenge. I'm also looking forward to an assignment that will give me a bit more time to concentrate on this blog and posting a little more regularly than once a quarter.

So, what prompted me to come out of blogging hibernation? High-profile hacks! By which I'm thinking HBGary Federal, RSA and Comodo. I can't remember a time when three such hacks happened in such a short space of time and received this amount of publicity. Which is the most interesting? Hard to say. HBGary Federal was interesting because of the contents of the email spool that Anonymous released and the somewhat embarrassing implications for the likes of Bank of America and Morgan Stanley.

Is RSA interesting? Hard to tell as they've been very quiet about what was actually accessed during their compromise and so their customers are in limbo. So, it's interesting in so far as a high-profile security firm got 0wned; likely to be more interesting once it becomes apparent what was purloined by the attackers. C'mon RSA, help us all out here!

But the Comodo hack; now that is certainly interesting. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html for details. Almost certainly laying the foundations of a larger hack and demonstrating why the core security measure for most Internet users (SSL) should not be relied upon as strongly as it currently is - it certainly shows that certificate authentication is worthless without strong registration processes and capable registration authorities. To be fair, however, and in direct contrast to RSA, Comodo have at least been forthright in explaining the implications of the hack and the certificates issued.

Anyone can get hacked, including those we trust to secure the Internet, so here's hoping that more organisations follow the Comodo approach to notification than the RSA approach.

See you in Q3 :-)