Stories by Anthony Caruana

The Authentication Game

The balancing act between security and usability is hard to achieve. Inevitably, compromises are made either by system designers or wily users who find ways to circumvent complex rules and processes. But researchers from the University of Pretoria in South Africa have been conducting research and have designed a new approach to authentication.

Anthony Caruana | 26 Jun | Read more

How to stay protected for Heartbleed and other OpenSSL flaws

Heartbleed wasn't just an interesting Internet security story. It was a sign that one of the most fundamental building blocks relied on by many large companies was significantly flawed. Even more staggering was the revelation that the OpenSSL open source code library, which is responsible for SSL communications between systems, had another flaw that went undetected for over a decade.

Anthony Caruana | 24 Jun | Read more

Crypto won't save you

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures and security usability. Having been part of the team that wrote the popular PGP encryption package, you'd expect that he'd put a lot of trust in crypto.

Anthony Caruana | 30 May | Read more

Are we gambling with TCP/IP

At AusCERT 2014, Verizon's Marcus Sachs posed the question – "Are we gambling with TCP/IP?" Think about it. In the late 1990s there was a protocol war in progress, but in a few short years Token Ring, NetBEUI, AppleTalk and the others all disappeared to be replaced by the protocol of the Internet.

Anthony Caruana | 30 May | Read more

Security in a post NSA era – it's a head game

Stefan Schumacher is head of the Magdeburg Institute for Security Research and is currently running a research programme about the psychology of security. At AusCERT 2014, he told the audience that Edward Snowden's NSA leaks have removed any lingering doubts about a totalitarian surveillance of the Internet.

Anthony Caruana | 29 May | Read more

iVote – strategic threat intelligence approach to e-voting

Imagine taking one of the most important business processes within your business, making a revolutionary change to it and having to convince everyone that the process they’ve relied on isn’t nearly as perfect as they thought. That’s a challenge that was faced by Ian Brightwell, the CIO of NSW Electoral Commission.

Anthony Caruana | 22 May | Read more

Incident response lessons learned from 100 compromises

One of the great challenges of incident response is knowing what the best course of action will be before you start reacting in anger during a security incident. Who should you notify and when? At what point should things be escalated to a more senior level in the business? Should you shut down systems or delete virtual machines?

Anthony Caruana | 22 May | Read more

Can FIDO bring biometrics to consumers?

Information and system security is a complicated business that comes down to a few very basic concepts. Issues of trust and identity are central to effective information and system security. The trouble is, we often struggle to understand what these two things mean and have an even harder time trying to prove them.

Anthony Caruana | 22 May | Read more

AusCERT's entertaining speed debate

Nine debaters, six topics and a witty moderator keeping everyone in check – that’s how it works at AusCERT’s annual speed debate. Three of the nine speakers get to speak in the affirmative for each topic with another three arguing for the negative. Why is it speed debating? Each speaker only had 60 seconds to make their point.

Anthony Caruana | 22 May | Read more

AusCERT 2014 award winners

AusCERT's answer to the Academy Awards was recently held in front of a packed room at the Royal Pines Resort at the Gold Coast. The event was hosted by popular radio and television personality Adam Spencer. The four awards recognised the achievements of individuals and organisations that made outstanding contributions to the Australian information security sector.

Anthony Caruana | 22 May | Read more

Infosec 2014: No win, no break even, no escape

The three laws of thermodynamics – “you can’t win, you can’t even break even, and you can’t even get out of the game” – can be applied to hackers who only have to succeed once and get access to one piece of data for you to have lost, said consultant Dan Klein at the AusCERT 2014 event.

Anthony Caruana | 22 May | Read more

Breach response is tied to big data

Scott McIntyre spent over a decade as the chief security officer for the oldest ISP and telco in the Netherlands. Now, he’s the chief security specialist for Telstra. His career has spanned Internet/IT security for nearly 30 years. He believes the Internet can be re-claimed by those who want to do good, and shouldn't fall prey to the creepy behaviour our headlines are being filled with.

Anthony Caruana | 22 May | Read more

AusCERT 2014 Kicks Off

Graham Ingram opened this year's AusCERT conference, the thirteenth, saying that the most obvious theme is that of you lose trust in security. "Where are you? What's left?" he pondered.

Anthony Caruana | 15 May | Read more
