How does this hacking thing work, then?

If you’re not in the public eye, you’re not likely to get hacked for fun. Anonymous et al are in it for the oxygen of publicity. Most hackers are in it for the money. So to understand your risk, you need to follow the money. How can hackers monetise you? Firstly, by using you as … Continue reading How does this hacking thing work, then? →

Not everyone is a fanboi

I’ve touched on this before. Too many businesses assume that all their customers are the same. At the heart of the assumption is an over-developed sense of their own importance. Most consumer-facing businesses have a fan-base, a core of devoted users of their products and services. These are their visible customers; they act as brand … Continue reading Not everyone is a fanboi →

When verifying identity risks losing it – the overgrowth of KYC

With fraud on the rise, a need to secure tax revenues, and a global commitment to reducing money laundering, it’s no wonder that regulation requires ever more stringent verification of customers’ identities. The trouble is that something which used to be the province of banks has become the province of, well, everyone. Including any number … Continue reading When verifying identity risks losing it – the overgrowth of KYC →

Why can’t people get the message about passphrases?

A training provider we use recently posted this. The executive summary is: "Use a 9-character password with upper- and lower-case text, numbers and symbols and your password will be 'unhackable'". According to the author, it would take about 45,000 years to hack using a brute force tool. Unfortunately, this is plain wrong. Brute force hacking … Continue reading Why can’t people get the message about passphrases? →