This post discusses four personas, the technical threats to them and their information via their smartphone, and some theory on how to defend against an increasingly capable and focused threat actors. If you find yourself matching one of these personas, following the recommendations below may serve you well if you…

A few months ago I told someone in the UK Government that a tertiary nameservice could solve a handful of problems — including the ones they were handling in relation to “how many domains? why? WHO? asset discovery!” A Tertiary DNS Server is a second secondary server. That is, a…

A deeper dive into some aspects of my other post about making URLs less important. This isn’t quite a ‘Part 2’, but more of an expansion of some technological nuances that exist today when it comes to individual services and mechanisms to deal with domains and URLs. This posts extracts…

URLs are bad for humans… so we should be tackling as many root issues as we can to help them, instead of suggesting technical solutions. Troy Hunt posted recently about humans being bad at URLs, which came about as a result of a bit of tooing and froing on twitter. …

This is the second post of a two-part musing by yours truly. The first post discusses how UK government technology interoperability is far from easy — some background, problem statement and caveats. This second post discusses what the future could look like. It is certainly not exhaustive. The technology is sort of already out there You can absolutely…

April 2020 in the United Kingdom is a strange time: a global pandemic where beyond the public health crisis and national security issues we see a mass movement away from offices and an over 95% reduction in public transport utilisation. Working from home, inaccessible ‘high side’ systems (surprise surprise, terminals…

We currently live in an exceptional time: a global pandemic where beyond the public health crisis and national security issues we see a mass movement to working from home. Various technological challenges are born from seismic changes to worker patterns/behaviours: geographical diversity is definitely one of them. This post is…

I haven’t posted (on Medium) for a little while but I was encouraged to write a post about how I handle my personal finances as someone who runs their own business and spends a bit of time researching such things. This is sort of like when I wrote ‘being safe…

The ‘exceptional access’ debate is an important one: how do authorised organisations (law enforcement, intelligence agencies and so on) legally and proportionally access encrypted conversations (and so on) without creating broken encryption models, inadvertent mass collection, unintended use or abuse while avoiding the creation of an ‘Achilles heels’ for exploitation…