UK Cyber Strategy

Posted by : Rob Stevens | Friday, June 26, 2009 | Published in

Several sites are reporting on the UK government's recent announcement of its "cyber" attack and defence capabilities. The closeness of the timing between this announcement and a similar one from the US government may raise a few sceptical eyebrows, as will the likelihood that this is old news being pushed out by the government to divert attention from their recent failings and make it look like they're doing something worthwhile. I fail to believe that even our current beloved Labour overlords hadn't bothered to put something like this into place before now.

Or maybe I'm being overly sceptical.... I really should ignore politics. It just makes me cross.


Posted by : Rob Stevens | Wednesday, June 24, 2009 | Published in

I've just been reading about an interesting product from PKWare. SecureZip is your bog standard compression program with public key infrastructure bolted on allowing for encryption and/or digital signing of the contents. I haven't had much of a chance to use it yet, but setup was very easy, and hopefully I'll get an excuse to put it into action soon.

Nobody who has a clue what they're talking about disputes that encryption and digital signing are necessary technologies. They keep your data secure and un-tampered-with both in storage and during transmission across the Internet. The two main problems with encryption are:

1) It's a pain to set up - SecureZip gets around this. It's very easy to configure - all you need is an email address and it pretty much does the rest for you.

2) Persuading people to use it. I've played with several different encryption technologies before and very rarely end up putting them into use. This is because very few people care enough to bother using encryption and signing (until it's too late and they've had their data stolen).

This second point is the greatest hurdle. You can have the simplest setup in the world, but until you can persuade someone else to start using it there's not much point yourself. Yes, I secure my personal files locally - Transparently encrypting folder contents makes this simple, but the same can't be said of files that I'm sending to people by email, or any other transmission medium. An example that's occurred to me recently during my job hunting is my CV. I've applied for a huge amount of jobs, sending my CV to virtually all of the prospective employers. Whilst I have no real problem with them having the personal details contained in my CV, I wouldn't want those details to be available to all which, as a result of sending out my CV by plain text email, they potentially are. The problem here is that I doubt that the people on the other end would have the necessary systems in place to receive encrypted mail and documents, and as a result my application would probably be discarded. A widely used approach to problems like this is to 'educate the users'. No. I disagree. The Users aren't going to voluntarily do anything that makes their life more complicated. Most of them don't even understand why their work systems have to be password protected. The solution here (I think) is to not give them a choice. In this age of government idiots leaving the entire countries' financial data on a train or whatever, people handling sensitive data should be made to encrypt it. It's possible to do this transparently so that it doesn't impact them too much, and would make stupidity/carelessness based data loss less of a problem.

I'm probably preaching to the choir here. Those who know what I'm talking about agree, those who don't... well, don't.


Posted by : Rob Stevens | Thursday, June 18, 2009 | Published in

It's often said that the computer savvy are the worst at practicing what they preach, and in the case of a decent backup system I've been no exception. I decided that my lack of regular backups was probably pretty foolish and the result of just not bothering. I don't even currently have the excuse of no time. So, after a hunt through the different suggestions offered on LifeHacker I decided to give a solution called Mozy a try. It runs as a service in the background and after you've told it what you want backing up you can then just forget about it. I'm currently using the free version which gives me 2 gigs of remote storage space. Once I'm a bit more financially solvent I'll probably cough up the £6 a month that it'll cost to have unlimited backup space for 2 computers. My only gripe is that it doesn't work on Linux, so the Kubuntu install I have on my laptop still isn't as protected as I'd prefer.

However, whilst looking for this I came accross an excellent product called Dropbox. This is a file syncing application that works on Windows, Linux and Mac and allows automatic syncing of files placed in a certain folder across all computers. Files are transfer securely using Schneiers' Blowfish encryption. This is excellent for people like me that often work on the same thing on any one of 3 or 4 different machines and installations and saves messing around looking for things on file shares. Again there's a free version and again its 2 gigs. Well worth checking out.

Good stuff, bad stuff

Posted by : Rob Stevens | Tuesday, June 16, 2009 | Published in

Been a week of ups and downs. The Faith No More gig was amazing. One of the best things I've ever seen and I hope they keep going for long enough for me to see it again. I saw them at the Download festival, which seemed generally very good. The crowd seemed very relaxed and was clearly just there for the music, unlike other music fests I've been to where a large proportion of people going were just there to cause trouble.

On the down side, the job didn't work out. Got there to discover that I'd be pretty much lied to about what the job entailed and that they actually wanted someone with no technical knowledge or any ambition to sit and do mindlessly simple and repetitive end user support of the sort that could be totally eliminated if the end users were provided with adequate (or indeed any) documentation. It opened my eyes to how truly appalling some very large companies IT infrastructures (or in this case lack thereof) are. Dodged a bullet there methinks, however it does leave me in the rather unfortunate position of being temporarily unemployed. What I'd really like is a network technician position where I can start getting some experience and hopefully land myself a network admin/management position in the future. Unfortunately I seem to have graduated at the worst time in god knows how long. Any offers?

Oh Yeah and...

Posted by : Rob Stevens | Tuesday, June 09, 2009 | Published in

FAITH NO MORE ON FRIDAY!! Going to be amazing!

New Job

Posted by : Rob Stevens | | Published in

Got myself a job. First line IT support. Maybe not the challenge I was hoping for, but I guess one can't be too picky on the first one, and I'm sure it'll be easier to get a decent networking position from an IT job, rather than a bar job. It's temp to perm, so that gives me a chance to see what I think as much as it does them. Fingers crossed and all. It'll be nice to be working with computers rather than beer, and the latest I'll be working will be 7 at night. Maybe I'll have a time for a life again!

So, a week off before I start (first 2 weeks of shifts start at 7am. Guh!). Must try and make sure I don't spend the entire week playing computer games...


Posted by : Rob Stevens | Wednesday, June 03, 2009 | Published in

That's it. The degree is finally finished. Now the long wait for the results and the start of the job hunt. Not a great time to be doing it, but never mind. Now hopefully I'll actually have time to do stuff that people with lives do. Got a stack of books to get through - a friend gave me a load of Asimov and Arthur C. Clarke. And I should hopefully have more to say on here. Lack of posting recently has been down to lack of time to read anything but uni related stuff, so had very little to rant about!

Graduation is mid-July. Maybe I'll post a picture of me in a silly hat.