IT Security UK [site no longer obtainable]

As of March 2022, the ITsecurity.co.uk site has disappeared from the net altogether and, all the links below generate a 404 error, so this page is  retained purely for historical purposes. However, I still have some of the articles, and I might put some of the better ones up here and/or use them for a book project.

To quote the About page:

ITsecurity.co.uk is a small independent organization with no allegience to any vendor, publisher, doctrine or dogma. Its purpose is to present and dicuss information security in a new and challenging manner. Every post on this site is the opinion and view of its individual author. ITsecurity.co.uk takes no view itself – it is a conduit for multiple viewpoints.

Kevin Townsend is by no means uncritically accepting of the views or propaganda of the security industry, so I was very pleased that he considered me impartial and readworthy enough to blog for his site occasionally. As always, I can’t guarantee to keep this page updated very regularly, but all my blogs for that site can be found here.

Here are the articles I contributed so far (as far as I remember), most recent first:

• Security books – 21 people name their favourites
• WannaCryptor ‘Afterthoughts’…
• WannaCryptor: XP, Win8, WinServer 2003 patches [updated]
• Still Pumping and Dumping
• All Hands to the Pump (and Dump)
• Social Engineering v. Malware: Remembering VBS/Loveletter
• Key Card Ransomware: News versus FUD
• Support Scams and Diagnostic Services
• Misinformation, Memetics and Electoral Fallout
• Wire-Wire Scams: Evolution beyond the 419
• [Some missing here]
• Robocalls: Automating Nuisance Calls
• What makes a good CISO?
• Facebook’s not-so-smart algorithms
• Healthcare, IoT, and security marketing
• Stuxnet: more historical than hysterical, I hope
• Bank Fraud: Whose Fault?
• TeslaCrypt: We’re Sorry, Here’s the Decryption Key
• Ransomwhere? – detecting new ransomware
• Healthcare Security and your Doctor’s Cellphone
• Patches (and Vulnerabilities, and Exploits)
• Virus hoaxes still thrive while ‘Sonia disowns Rahul’ 
• Buzzwords and Booth Bunnies
• Internet of Things? *All I want is a proper cup of coffee…
• San Bernardino: what does the security industry think?
• Malicious Photocopier: not the Internet of Things
• Wipro Wipeout? Call Centres and Scams
• Predictable Predictions and IoT
• The Hippocratic Oath and the Internet of Things
• Tech Support Scams: is Dell Compromised?
• Icebergs and Security Predictions
• Counting Malware & Running Out of Fingers
• Cyberchoices and the Price of Expertise
• Terrorist Attacks, Hoaxes and Malware
• Tech Support Scams: a Beginner’s Guide
• Windows – still here despite the breakages
• Stuxnet: Sprinting for the Finnish
• Facing Up to Facebook
• Support Scams: Talos Takes Note
• Team Cymru’s View on Hello Barbie
• Backdoor Barbie: Let’s Go Party
• Safe Harbor, Pearl Harbor
• Cyberjargon and 100% Security
• Support Scams: Splashes in the Phish Pool
• Music, Security, and a Nice Cup of Tea
• iOS and Malware
• IoT Hacking: Surviving an Online World
• Dennis Technology’s 2015 testing report
• The 419: Mugs and Mugus
• Watching the Furby Fly
• Spam: Casablanca Revisited
• Information, News and Education
• Comment spam: what would Letitia say?
• Spy Versus Spy: Campbell, Snowden and ECHELON
• Double Dipping: Nuclear exploit, fake BSOD, support scams
• Sysadmin Day: have you tried rebooting
• Lies, damned lies and statistics*
• Behavioural Profiling: Conforming to Type
• Signatures newsflash: AV doesn’t detect what it doesn’t detect
• Passwords, PINs, Needles and Haystacks
• Encryption, Politics, and Keys Under Doormats
• Divide by Zero Cookie Intolerance
• Encryption and Politics
• Working for Facebook – Behavioural Advertising
• Professor Klaus Brunnstein
• The Florentine Deception revisited
• Vote for Facebook!
• Anti-Malware Test Cheats: the View from AMTSO
• Product test cheats: this could run and run
• Not a book review, but fiction that might interest you
• Top Facebook Stories: Your Choice?
• Hacking the Royal Male: the Computer Misuse Act
• iToons: Attribution and the Media…
• Android exfiltration, OpenSSL, and iOS app memory handling
• 50 Shades of Security Tips
• OpinionSpy resurgent
• Targeted phishing: the $17m sting
• Hoaxes and Facebook
• Steve Gold: a Journalist and a Gentleman
• Phishing, Spoofing, and Looking a Glyph Horse in the Mouth
• Hoaxes, Facebook, and the Mother of Parliaments
• OS X malware: I hear you KnockKnocking but you can’t come in*
• (Alleged) support scam site knocked back
• Mobile Malware: Should I Keep Taking The Tablets?
• The economics of benevolence: mean memes
• Back-to-school advice
• Security Certificate #FAIL: No FT, No Comment
• Support Scams and Developer Data Harvesting: is there a Connection?
• Antipodean iOS ransomware
• Hello, ITsecurity
• Introducing David Harley (This introductory article is actually quite recent, and is nailed to the top of the list of my articles on the site, but I think it probably belongs down here next to the first article I contributed.)

David Harley