It's voting day in the UK - and this vote does matter.
With a group associated with WikiLeaks threatening to compile databases of verified users and their families - is verification really serving its goal?
One of the world’s most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists.
Basically, if you’re a journalist working for a national or international news organisation, update your iPhone or iPad as soon as you possibly can.
The New York Times' journalists have drawn the eye of Russian cyber attacks, reports CNN
What’s curious though is how the mainstream media have not really talked very much to security experts. Yesterday, I listened to the BBC Today programme—this clip in particular. It featured an interview with Labour MP Hazel Blears (who was formerly a minister in the Home Office) and Oliver Parry, a senior corporate governance adviser at the Institute of Directors.
And what the latter has to say is not what you’d call accurate:
This attack was a simple SQL injection attack. That threat isn’t “changing hour by hour, second by second”. It’s basic, common sense security that every software developer should know to mitigate, that every supervisor should be sure to ask about during code reviews, and that every penetration tester worth their salt will check for (and sadly, usually find).
The short version: TalkTalk’s website security appears to have been terrible, and by allowing inexpert talking heads to distract from that, we’re failing to report the true story – corporate security failings – rather than some vague idea of cyberjihadiis, which seems to have been nonsense all along.
Tim Berners-Lee created the World Wide Web, but he's more interested in helping society adjust to it than controlling it.
Four good reads on journalism, jobs, security and consumption that I think are worth your coffee time this morning
Buzzfeed's online quizzes are just a bit of fun, right? It's not like that data's being captured anywhere…?
I've switched away from Gmail as my main work e-mail provider.
Microsoft has accessed a blogger's e-mail to race a leak