Interview on BBC Radio 4

by @edent | # | Read ~107 times.

While I was at the National Hack The Government hackday, I was interviewed by Chris Vallance - an amazing radio producer with the BBC. We spent quite a while talking about my findings of unsecured Government websites. It was a wide ranging chat, looking at spam, security, and the long term future of .gov.uk and […]

Continue reading

Removing Gmail From An Android Tablet

by @edent | # # # | 9 comments | Read ~15,902 times.

I've an interesting use-case, that I don't think is met by Android. I want my tablet to have access to my Google Play account but not have access to my emails. I recently acquired a cheap Android tablet to act as a remote control for my entertainment equipment. The tablet sits in my lounge where […]

Continue reading

Should Non-Lawyers Be Able To Understand Laws?

by @edent | # # # | 3 comments | Read ~226 times.

Queen of the geek scene Emma Mulqueeny has recently been asked to sit on Speaker's Commission on Digital Democracy. They're currently soliciting for comments on the question: The system of laws and law-making in the UK is complex, but is that inevitable given the highly developed and interconnected society which laws regulate? Should you need […]

Continue reading

[Sponsored] eBay

by @edent | # #

This post is sponsored by eBay. I've been asked by eBay to put together a series of collections. As an international trend-setter*, it is my sincere pleasure to gather up the best that eBay has to offer. For example, here is a collection dedicated to the Galaxy Note 3. It's a mixture of kit I've […]

Continue reading

Reactions to The Unsecured State

by @edent | # | 1 comment | Read ~211 times.

It has been an intense few months digging through the security failings of the UK Government’s websites and trying to responsibly disclose them. It culminated with a week of blog posts exposing the vulnerabilities - and an award winning hackathon project. So what has been the reaction? The Good Privately, I've been contacted by people […]

Continue reading

Introducing Corkr at #NHTG14

by @edent | # # # # # | 1 comment | Read ~129 times.

What a crazy weekend! I made the last minute decision to attend Rewired State's "National Hack The Government 2014" hackathon. Rather than hack on any of the provided datasets, I wanted to work on an interesting way to present all the security flaws I had found in Government websites. I teamed up with Mark, Marcello, […]

Continue reading

Passive Aggressive Trolling Co-Op Business Banking

by @edent | # # # | 1 comment | Read ~358 times.

Having recently moved house, I have become very aware of which companies have modern back end systems. The most top-notch ones let me log on to their website, fill in a form, and all the address changes are made. A few required me to ring up and speak to a human being, which was a […]

Continue reading

The Unsecured State Part 5 - Abandoned Inquiries

by @edent | # # # # | 6 comments | Read ~1,351 times.

This is part 5 of a series of blog posts looking at the security of the UK Government's web infrastructure. The primary cause of the vulnerabilities I've exposed over this series is abandonment. In a flurry of excitement a website is commissioned and created. Then, as time wears on, people begin to drift away from […]

Continue reading

The Unsecured State Part 4 - UK Government Websites Spewing Spam

by @edent | # # # # # | 5 comments | Read ~5,084 times.

This is part 4 of a series of blog posts looking at the security of the UK Government's web infrastructure. Over the last few days, I've shown that hundreds of websites run by branches of the UK state are in a perilous state of disrepair. There are multiple sites with hugely embarrassing XSS flaws, running […]

Continue reading

The Unsecured State Part 3 - 2,000+ NHS Security Vulnerabilities (Disclosed)

by @edent | # # # # | 8 comments | Read ~11,039 times.

This is part 3 of a series of blog posts looking at the security of the UK Government's web infrastructure. Britain's National Health Service is riddled with old and insecure WordPress-based websites. Many of these sites have severe flaws including being vulnerable to XSS attacks. There is absolutely no suggestion that patient data or confidentiality […]

Continue reading