Authentication flaws and responsible disclosure When I worked for the local council it was part of my job to review software and systems that were going to be installed or implemented. On one occasion that led me to review a door entry system that was being offered as part of a tender, and I found
cyber security Security questionnaires Security questionnaires seem to be never-ending, and present a number of challenges. Here's my experience, along with some tips.
review Review: Keychron K8 Pro (part 1) I recently bought a Keychron K8 Pro, and here's what I think so far.
eVitabu dev week eVitabu dev week, January 2024 A summary of the development progress made in January 2024's dev week.
review Review: Soundcore by Anker A3i earbuds My original earbuds broke, so I replaced them with a set of these.
AI Using Microsoft Co-pilot to help retrieve a password After forgetting a password that I needed, but being certain I remembered bits of it, I turned to Microsoft Co-pilot to help me write a script to brute force the password.
training CPE / CPD tips Tips on how to develop your knowledge and collect those important CPE credits.
how to "Cecil build" requires intl support ✅ This is a quick post to address a single issue. If you get the following error when running cecil build: [ERROR] The Symfony\Component\Intl\Locale\Locale::setDefault() is not implemented. Please install the "intl" extension for full localization capabilities. You're missing a PHP extension that Cecil needs. Solution
review Review: Soundcore by Anker Life Q30 headphones After two years of use, I figured I'd review these.
Human Firewall Conference Human Firewall Conference 2023 A summary of my notes from the SoSafe Human Firewall conference, November 2023.
ISC2 Secure Software Development ISC2 Spotlight: Secure Software Development conference - day two Yesterday's conference sessions were interesting (you can read about them here), and today is the last day of the conference. Today's agenda: * Secure by Design: CISA's Plan to Foster Tech Ecosystem Security * SigStore to Secure the Code Supply Chain * What You Need to Know About the EU Cyber Resilience Act
ISC2 Secure Software Development ISC2 Spotlight: Secure Software Development conference - day one ISC2 (formerly (ISC)²) ran an online only "spotlight" (conference) on secure software development this week on the 8th and 9th of November. As this directly aligned to my work's industry (I work for a software development company), I took the time to attend this. ISC2 members were able to attend
SSO Single sign on: why it's good for account management Single Sign On (SSO) is a mechanism for authenticating to separate systems using a single identity (you can read the Wikipedia article & definition here). Ever seen the "login with Facebook" or "Sign in with Apple" type buttons on websites? That's SSO at work. In this post I'm going to cover
work Starting a job in a hybrid working environment In 2022 I changed jobs and started working for a company that only opened the office three days a week. Here I reflect on that process after over a year.
review Review: Viewfinder (game) In Viewfinder you move around the world collecting photographs, and later taking them with a Polaroid camera. You then use the photos in your collection to solve puzzles ranging from "how do I get over there?" to "I need three batteries to power this teleporter, but I can only see
how to Azure Static Web Apps and HTTP security headers Azure Static Web Apps is a simple service provided by Microsoft Azure that allows you to serve a website without needing to manage the underlying web server. As the name implies, the website needs to be static, i.e. you can't use PHP or other server-side code to generate the
eVitabu dev week eVitabu dev week, March 2023 Progress made during the eVitabu dev week in March 2023.
duolingo Duolingo: thoughts after over 1,200 days I've seen a lot of changes in Duolingo over 1,200 days using the app.
AI Playing with Google Bard: writing prose In a previous post I mentioned my early experiments with Google Bard. In May and July I decided to test Bard when it came to writing some prose. Rest assured though, my blog posts will always be written by me! Note: If I've quoted Bard output I'll place it in
infosec 2023 Infosec Europe 2023, day 3 Thursday was the final day of the conference and I managed to attend a lot of sessions, some that I hadn't originally planned. Keynote: Malicious Innovation - What We Can Learn From Hackers Our keynote speaker today was Keren Elazari who highlighted to us that hackers force us to evolve.