Thoughts on British ICT, energy & environment, cloud computing and security from Memset's MD
Summary / TL;DR WhatsApp looks great on face value and it’s underlying technology is awesome. However, there are some things about it which don’t add up for me, eg. it’s apparently non-existent business model and lack of open sourcey-ness. Further, our faith in it relies too heavily on one person, Moxie Marlinspike, who chooses to remain largely anonymous; a choice…
Following my posts on how to send and receive secure, encrypted emails in Thunderbird with PGP and how to add additional email addresses to your GPG identity, many of the people I’ve been encouraging to use PGP have asked how to decide what level of trust to set for someone’s key. The definitive guide is here here, a modified excerpt…
This is an addendum to my article on how to encrypt email using PGP and Thunderbird. I have many email addresses; my Memset one, my personal one (at craig-wood…), my Wood Tech one and others. All of these are tied into just one PGP identity which makes life much simpler both for me and also people wishing to communicate with…
A step-by-step guide to setting up and using PGP encryption with email for Thunderbird.
About government security clearances We have now got the security process down to a slick procedure with G-Cloud, and I’m sharing that in this post. In order to offer IL3 services to Her Majesty’s Government your staff that are involved in those services (eg. systems administrators, software developers, technical architects) need to have Security Clearance (SC). SC is a bit…
Nick and I have built a market-leading, multi-award-winning, multi-million dollar hosting/cloud IaaS company using entirely open source software and an “automate everything” philosophy. We have recently attained a cross-government CESG accreditation for our service under the G-Cloud project, incorporating the open source hypervisor Xen, even though Xen itself was not certified. Here are my views on why open source is actually more secure and reliable than alternatives.
I contend that the next stage of evolution of storage is “Just a Bunch of Disks” (JBOD), comprised of a range of media types with different performance characteristics, and with software doing the cleverness. In this first post (1 of 2) I shall address the resilience aspects of this evolution. RAID failings Large RAID (Redundant Array of Independant Disks) systems…
Infographic summarising cloud security including using cloud computing as a weapon.
Cloud security is nothing mysterious and the same approaches that one takes when verifying any supplier’s integrity should be followed. You should ask questions like: 1) Will the data remain within the EU (for data protection) 2) Who in the supplier organisation has access to my data and what control are placed upon them? 3) What checks does the supplier…
I’m very proud of my personal and corporate security. At work we use pwgen to create passwords, a sample of our tool is inset and you can access it yourself here. Our policy dictates that staff choose one for themselves and since we know it is cryptographically strong (ie. not based on anything guessable) we don’t require that they change…