PKI – is there a better way?

PKI is a technology that has stood the test of time, but it is let down by high running costs and poor implementation.
Continue reading “PKI – is there a better way?” →

Bah-Humbug

Having been on a customer site all day, I returned home to scan my email.

Over half the emails were festive greetings, with all sorts of creative content: embedded images, attached animated images, links to sites with festive messages and attached files with seasonal offers.

What could possibly go wrong? Continue reading “Bah-Humbug” →

S/MIME Re-trial

In the blog S/MIME on Trial in 2013, I outlined some challenges using S/MIME to send secure email.

I also posed the question, was I confident the issues would be solved in a 3-5 year timeframe?

Well, here we are 3 years later, let’s take a look. Continue reading “S/MIME Re-trial” →

The Secure Internet of Things

The Internet of Things (IoT) is big news at the moment, being used as a title for just about everything that interacts with the internet, be it man or machine. In some areas the commentary is just starting to recognise that security and privacy are issues. And as you expect, various players are putting forward their solutions. Continue reading “The Secure Internet of Things” →

Trustworthy Communications

Each day we become more reliant on the Internet in both our personal and business lives, yet each day there are new stories of security failures. A key part of living and working on the Internet is the ability to be able to communicate securely; whether inter-personal communication, such as email or chat, or client / server communication to access a web site.

This blog looks at how and why secure communications fail, and what we can do about it.

Continue reading “Trustworthy Communications” →

S/MIME on Trial

For the last 3 months I have, by default, digitally signed my email. Well that was the plan…

Continue reading “S/MIME on Trial” →

CRLs are a critical part of security infrastructure – oh dear!

In the article “why has encrypted email not taken off” I looked at some of the barriers to the widespread adoption of secure email. Certificate revocation was one factor discussed.

Continue reading “CRLs are a critical part of security infrastructure – oh dear!” →

Why has encrypted email not taken off?

Recently a colleagues tweet took me to a news article promoting the use of secure (encrypted) email. The article was promoting this as a sensible thing to do, and provided a check list of how to do it.

Outside of closed users groups, I doubt many people will. Why?

Continue reading “Why has encrypted email not taken off?” →