Best of Securitycurmudgeon.com 2012 to 2014

You may have missed on of securitycurmudgeon.com’s post in the past or perhaps you started following later and missed earlier posts.  Whatever the reason,  I thought it would be interesting to recap some of the sites best past blog posts.   Some are still relevant and it’s interesting to see how security and privacy change over the years.  Many posts did not make the cut for this list.  If any of these posts peak your interests, I encourage you take a deeper look at some of the past posts.  It’s been a pleasure to blog over the years and I appreciate your readership!

2012

Who is spying on you?  Your Car!
Privacy concerns about the confluence of information technology in automobiles.

Do Not Track, Why Does it Matter?
The verdict is out, nobody cares about our personal privacy preferences.  Still it was great to have hope at the time.

Java Spotlight Episode 106: Java Security Update
Roger Brinkley interviewed Bruce Lowenthal and I on Java security.  It was surprisingly popular since there was little discussion about Java security outside of Oracle at the time.

Movie Reviewed, We are Legion: The Story of Hactivists
Security pros on talk on camera about Anonymous hacking group in this documentary film.

Measuring Internet Connection Throughput
Discuss Java project to measure performance of Internet connection with Java.

Google Hacking — Blast From the Past
Use advanced Google search commands to find the needle in the Internet haystack.  Useful to find anything of interest.

2013

Provided readers a teaser about the brand new JavaOne Security Track.
Highlights around security concerns from 2013 at these conferences.
Link to official Oracle post addressing Java security concerns at the time.
Interviewed by Roger Brinkley discussing the new Java Security Track at JavaOne.
Security is a big profession and their are many different domains of expertise covered in this post. 
Amazing eye opening movie about Internet privacy.
Academic research around posts we type but instead decide not to share.

2014

Overview of various technical security features found in Java SE 8.  A video is available as well.
Security metrics of the day and my first stab at an infographic.
My first Raspberry Pi project.  Explain my experiences assembling the Raspberry Pi with a 2.8″ TFT touch screen.
SSLTLS Introspection(project DeepViolet)
SSLTLS is increasing under fire from attackers I decide to learn more about the low level protocol negociation.  Instead of opening a HTTPURLConnection I built some code to negotiate the connection myself (with some help from others on the Internet).  Several articles as well as code in GitHub.
Coverage for security concerns at Black Hat and DEFCON 22.  Describe experience with Software Defined Radio (SDR).  Ancillary coverage of DEFCON 22 computerize badges and pre-launch party for security book Iron Clad Java.
Second Raspberry Pi project.  I use the SDR radio I purchased from DEFCON 22, my recently completed Raspberry Pi with 2.8″ TFT display, and dump1090 software to make ADS-B aircraft receiver.  I learn something about aircraft security – it stinks.
Links to security presentations from JavaOne 2014.
Ever heard of racing drones?  This isn’t your daddies DJI Phantom, forget that.  This is a 100mih(158kmh) drone you fly with VR googles first person style.  Forget your wallet as well.
I try my luck at memes and developed an appsec focused meme.  Challenging to distill a message into a meme but a surprisingly effective way to communicate.

Honorable Mentions

All these are only honorable mentions since they are likely more relevant for me and not readers.  First is the blog post I decided not to write, I provided a public conference call around Java platform security that started a media fire storm (ComputerWorld,  JavaWorld, The Register, SecurityWeek, and others).   Another runner up is improved transparency around Java platform security by adding a Security Track to JavaOne (multiple posts, Conferences tag).  Last but not least, I was invited to speak at Black Hat 2013 USA, Oracle; On Java Security to security leaders from around the world on Java security.  The entire session was provided under NDA.  I had to eat my Powerpoint presentation when I finished.  But all is not lost, I developed a follow-up post about attending the conference for readers, Black Hat 2013 USA and DEFCON 21 Trip Report.

Author: milton

For bio see, https://www.securitycurmudgeon.com/about/