-
Resilient Assurance: A Failure-Assumed Approach to Confidence and Control
“Mature assurance is not the pursuit of perfect prevention. It is the disciplined management of inevitable failures” Limits of Classical Assurance: Traditional or classical assurance tends to make assumptions: that controls are implemented, that controls operate correctly, and thus that risk is reduced. In practice, things are not generally so simple. Controls decay. Environments change…
-
I Was Attacked, Linux Was Rooted, and GPT Emitted Too Many Goblins
A mixed week, overshadowed by the fact that I was the target of a violent hate crime on Wednesday evening. Bruised, bloodied, and quite badly shaken. Not an ideal week overall for me. Linux Local Pwnage: Copy-Fail. CVE-2026-31431 “Copy-Fail” is a powerful & remarkably reliable local privilege escalation to UID 0. It was found using a specialised…
-
“Left of Bang”
The term “Left of Bang” may be familiar to those with a military background or experience, especially if that includes experience of the US military. But the concept is simple enough. There’s even a decade-old book all about it with the same title (ISBN-13: 978-1936891306, published June 2014, easily obtainable). What is “Left of Bang”? Once…
-
How will Quantum Vulnerable Encryption (QVE) unravel?
I’ve written a little recently (and less recently!) about Post Quantum Encryption and how action is needed NOW. How the timeline of QVE’s unravelling and collapse will take place is almost impossible to say. But we might usefully draw some lessons from the collapse in confidence of the MD5 hashing algorithm. Let’s look at the…
-
Supporting Future Leaders and Players in Cybersecurity
There is a significant shortfall in the number of cybersecurity practitioners required across the world, and specifically of concern to me, in Europe[1]. It’s not merely numbers either – we need not only greater numbers but also highly skilled and experienced practitioners. These do not grow on trees… they must be encouraged and nurtured, and I…
-
Do you think ransomware is scary? It will be.
Ransomware attacks have been in the news a lot recently: M&S, Co-op, Jaguar Land Rover, Heathrow Airport & other airports. But compared with what I’m expecting to come, these are all relatively harmless. Don’t misunderstand me; they all cause harm, and real harm to real people, but this is caused indirectly. My fear is that…
-
Nailing Technology
Exciting and new (to me, and looking relatively new for everyone – but I don’t actually know how long these have been around) nail adhesive technology. There are a few things about nail glue that I have found rather frustrating. Firstly, it is fundamentally superglue – it’s the same chemical cocktail. But whereas superglue comes…
