Interview on BBC Radio 4

by @edent | # | Read ~108 times.

While I was at the National Hack The Government hackday, I was interviewed by Chris Vallance – an amazing radio producer with the BBC. We spent quite a while talking about my findings of unsecured Government websites. It was a wide ranging chat, looking at spam, security, and the long term future of .gov.uk and…

Continue reading →

Removing Gmail From An Android Tablet

by @edent | # # # | 9 comments | Read ~17,722 times.

I’ve an interesting use-case, that I don’t think is met by Android. I want my tablet to have access to my Google Play account but not have access to my emails. I recently acquired a cheap Android tablet to act as a remote control for my entertainment equipment. The tablet sits in my lounge where…

Continue reading →

Should Non-Lawyers Be Able To Understand Laws?

by @edent | # # # | 3 comments | Read ~227 times.

Queen of the geek scene Emma Mulqueeny has recently been asked to sit on Speaker’s Commission on Digital Democracy. They’re currently soliciting for comments on the question: The system of laws and law-making in the UK is complex, but is that inevitable given the highly developed and interconnected society which laws regulate? Should you need…

Continue reading →

[Sponsored] eBay

by @edent | # #

This post is sponsored by eBay. I’ve been asked by eBay to put together a series of collections. As an international trend-setter*, it is my sincere pleasure to gather up the best that eBay has to offer. For example, here is a collection dedicated to the Galaxy Note 3. It’s a mixture of kit I’ve…

Continue reading →

Reactions to The Unsecured State

by @edent | # | 1 comment | Read ~214 times.

It has been an intense few months digging through the security failings of the UK Government’s websites and trying to responsibly disclose them. It culminated with a week of blog posts exposing the vulnerabilities – and an award winning hackathon project. So what has been the reaction? The Good Privately, I’ve been contacted by people…

Continue reading →

Introducing Corkr at #NHTG14

by @edent | # # # # # | 1 comment | Read ~131 times.

What a crazy weekend! I made the last minute decision to attend Rewired State’s “National Hack The Government 2014” hackathon. Rather than hack on any of the provided datasets, I wanted to work on an interesting way to present all the security flaws I had found in Government websites. I teamed up with Mark, Marcello,…

Continue reading →

QR Codes on Energy Bills

by @edent | # # # | 2 comments

This is a necropost – resurrected from the now defunct blog of a previous employer. Sadly, the follow-up post has fallen down the memory hole. You can still read Sharon’s response to it. Well, we can finally unwrap one of the little projects The Lab has been working on. Along with the Department of Energy…

Continue reading →

Passive Aggressive Trolling Co-Op Business Banking

by @edent | # # # | 1 comment | Read ~361 times.

Having recently moved house, I have become very aware of which companies have modern back end systems. The most top-notch ones let me log on to their website, fill in a form, and all the address changes are made. A few required me to ring up and speak to a human being, which was a…

Continue reading →

The Unsecured State Part 5 – Abandoned Inquiries

by @edent | # # # # | 6 comments | Read ~1,484 times.

This is part 5 of a series of blog posts looking at the security of the UK Government’s web infrastructure. The primary cause of the vulnerabilities I’ve exposed over this series is abandonment. In a flurry of excitement a website is commissioned and created. Then, as time wears on, people begin to drift away from…

Continue reading →

The Unsecured State Part 4 – UK Government Websites Spewing Spam

by @edent | # # # # # | 5 comments | Read ~5,095 times.

This is part 4 of a series of blog posts looking at the security of the UK Government’s web infrastructure. Over the last few days, I’ve shown that hundreds of websites run by branches of the UK state are in a perilous state of disrepair. There are multiple sites with hugely embarrassing XSS flaws, running…

Continue reading →