- Matthew Hackling
- Matt runs his own security consultancy called Ronin Security. His focus is information security management and he has a keen interest in infrastructure and web application security. He's a CISSP and the current Branch Executive of the Melbourne chapter of the Australian Information Security Association.
- ► 2010 (17)
- ► 2009 (56)
Monday, December 10, 2012
my personal blog hasn't had many updates!
Well a little update:
- I started writing a book on security operations that I hope to
electronically publish via amazon and or apple.
- working as a security architect full time at an institution
- my start ups appsecratings.com and ozsec.net.au are parked pending
some breakthroughs in time management
- doing a little work with Enex TestLab when I should be sleeping,
eating mostly with state and federal government
Wednesday, February 15, 2012
following then I'll die a happy "security purist":
-A CISO who is more than a sacrificial lamb. To qualify their tenure
must be of a serious duration and have survived a major security
incident or made quantifiable material risk reduction.
-An executive who thinks strategically about IT risk and doesn't "knee
jerk" after an incident or do the minimum to "cover their proverbial"
- a security solution that is well maintained and configure in line
with it's documented and approved configuration
- a project manager who will delay a milestone to ensure that a
security governance requirement is adequately met.
What things would you like to tick off on your infosec bucket list?
Wednesday, February 8, 2012
Wednesday, November 30, 2011
Monday, October 3, 2011
- I have written a product review which was printed and a few online
articles for IDG's publication CSO magazine. I'm now a regular blogger
on that site too. Do I qualify for a press pass? Hmm all readers
please report in on events I can "cover" especially those with
delicious snacks :) CSO seems to be taking off, much more so than my
little venture http://www.ozsec.net.au
- I've been thinking a bit about creating an open source security
operations maturity framework project inspired by OWASP OPENSAMM
project. Just need to find an organisation to help me champion it.
Something like this would really help to illustrate where on the
security journey an organisation is and where they would like to go. I
have thought of ISC2, AISA and the ISF but maybe it is SANS?
- my little business is developing, I've delivered a few successful
engagements and now I even have a glossy brochure.
Friday, September 2, 2011
- Plasma display, circa 1964, by Donald Bitzer for PLATO IV
- Touchscreen, circa 1964, by Donald Bitzer for PLATO IV
- Answer Judging Machinery, ?date?, a set of about 25 commands in TUTOR that made it easy to test a student's understanding of a complex concept.
- Show Display Mode, 1975, a graphics application generator for TUTOR software, precursor to Apple's QuickDraw picture language editor.
- Charset Editor, an early precursor to MacPaint for drawing bitmapped pictures stored in downloadable fonts.
- Monitor Mode on PLATO, 1974, used by instructors to help students, precursor of Timbuktu screen-sharing software.
- Pad and a few months later, system-defined Notesfiles, 1973, the first general-purpose computer message board, and precursor to Unix Newsgroups, Digital DECnotes and Lotus Notes.
- Talkomatic, 1974, a 6-person real-time chat room (text-based), precursor to Instant Messaging Conferences.
- Term-Talk, 1973, precursor to instant messaging.
- Gooch Synthetic Woodwind, circa 1972, A music device for the terminal, precursor to sound cards and MIDI.
- Airfight, 1974, a 3-D flight simulator written for PLATO by Brand Fortner; this probably inspired UIUC student Bruce Artwick to start subLOGIC which was acquired and later became Microsoft Flight Simulator.
- Empire, circa 1974, a 30 person multi-player inter-terminal 2-D real-time space simulation.
- Spasim, circa 1974, a 32-player first-person 3D space battle game
- Pedit5, circa 1974, likely the first graphical dungeon computer game.
- dnd, 1974–1975, a dungeon crawl game that included the first video game boss.
- Panther, circa 1975 by John Haefeli, a 3-D tank simulation and forerunner of Atari's Battlezone game.
- Build-Up, 1975 by Bruce Wallace, based on a story by J. G. Ballard, the first PLATO 3-D walkthru maze game. The maze itself was also 3-D, having holes in the floor and ceiling.
- Think15, circa 1977, 2-D outdoor wilderness quest simulation, like Trek with monsters, trees, treasures.
- Avatar, circa 1978, a 2.5-D graphical Multi-User Dungeon (MUD), a precursor to EverQuest.
- Freecell, 1979 by Paul Alfille, which probably spawned the Windows version.
- Mahjong solitaire, 1981 by Brodie Lockard, popularised in 1986 by Activision as Shanghai.
- Emoticons, by 1973
Wednesday, August 10, 2011
There are some major challenges with preserving privacy. If governments allow privacy for all, then criminals will have the ability to plan and commit crimes undetected by law enforcement. Does it all come down to judicial oversight?
I welcome your comments to enlighten me of significant incidents and issues that impact on an individuals right to privacy.
Some examples include:
Printer manufacturers embedding codes into printed materials - perhaps this was done to satisfy legislators worried about forgery of currency. A better solution is to prevent printers from copying currency by embedding a code into the currency
RFID chips in passports - These chips can be read at very long distances. Chris Paget illustrates
He got a read from 66m with easily accessible hardware.
Apple recording GPS location history in Iphone - so a large company is recording history of your GPS location by default on a fairly insecure platform that can easily be hacked.
Google recording location of Wireless Access Points, wireless clients via Street View Cars - At one stage Google could be queried for the MAC address of your mobile phone and if a street view car had picked it up its location could be identified (perhaps your home or work address).
If five years ago I would have warned of giant corporations and government tracking your location with hidden codes and chips in documents and wireless signals people would have called me a paranoid schizophrenic!