C3L - Meet the team!

 Introduction to the people behind this blog! This blog is where members of C3L post about current projects, spread a bit of information, and write about their personal interests in order to create a wider outreach.  The blog has three main authors contributing: Scott (the director of the company), Alex (researcher and co-developer), and Grace (Research assistant for the company.) The purpose of this post is to officially introduce each of us as individuals in order to give a small insight into who we are and what we're like at C3L as people.  Firstly introducing, Scott:  I'm Scott, I started the company to take advantage of an opportunity to work in standards way back in 1995 and have managed to keep my hand in since. My background is in engineering and I've been doing it since leaving school and university. I'd like to think I'm good at it, taking a holistic systems view to things and looking into why they aren't secure and then trying to find ways to fix thin

Cybersecurity and Usability

  Introduction   The topic of cybersecurity and usability is a topic I have covered before though with a focus on IoT. This post will aim to take a broader view along with covering additional ideas and concepts. It is subject that cannot be learned once and then filed away since with every new design there is a risk of forgetting the design principles for usability plus often there is a chance when usability is considered from the start it may be weakened by feature creep and changing requirements. Therefore it is always worth reminding yourself and refreshing the principles behind usability in cybersecurity.  Design  Getting the balance between cybersecurity and usability is critical because at the either extreme w e can make systems secure enough to never be attacked but this would also mean no one could ever access or use them  conversely systems that are really easy to use might have little or no security though it is still possible to design a system with no security and be diffic

Another Look at the Cultural Splinternet

 Introduction Previously when I have written about the cultural splinternet it has been a vague idea to explore some concepts and thoughts. So this post will aim to give a bit more substance to the idea of the cultural splinternet. So firstly, the splinternet can be defined as  a characterisation of the Internet as  splintering and dividing   due to various factors, such as technology, commerce, politics, nationalism, religion and interests. Secondly, culture can be defined as  an umbrella term which encompasses the social behaviour and norms found in human societies, as well as the knowledge, beliefs, arts, laws, customs, capabilities, and habits of the individuals in these groups. Therefore, the  cultural splinternet is the internet divided into different elements such as language, ideas, interests and beliefs. This can be on the same types of platforms or distinct platforms serving a particular language or common interest. Depending on the context the cultural splinternet is not nec

DRM, DLP and Cybersecurity

  Introduction The purpose of this post is to examine how Digital Rights Management (DRM)  and Data Loss Presentation (DLP) software, when used together, can potentially improve the cybersecurity of an organisation. With the nature of work has changed due to COVID-19 we need to explore new ideas for companies to keep their people and assets safe.  DRM  tools  are a set of  access control  technologies for restricting the use of  proprietary hardware  and  copyrighted  works.  DRM technologies aim to control the use, modification and distribution of copyrighted works (for example  software  and multimedia content), as well as systems within devices that enforce these policies. DLP software  detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring,  detecting and blocking sensitive data while  in use  (endpoint actions),  in-motion  (network traffic) and  at rest  (data storage). DRM is not often considered a  cybersecurity  issue but more often a

The Realities of Online Learning during a Pandemic

The Realities of Online Learning during a Pandemic As a Second Year Undergraduate, I have had an interesting university experience so far. I missed half of the first semester due to surgery and then my first year was cut short in the beginning of March due to the first lockdown in the United Kingdom, so off I went home to complete the rest of my lectures that had been pre-recorded for the semester.   After Easter, exam season was supposed to be in full swing but exam dates were pushed back three times due to sorting out how they were going to work and what software we were going to use. In the end, the exams were on our VLE (virtual learning environment) platform and were made open book due to Lecturers saying "We cannot monitor you, so to be safe, exams are now open book." Completing my exams at my kitchen table, drinking coffee / eating breakfast and wrapped in a blanket was a surreal experience and in comparison to my Sixth-Form and Secondary School exams that were stress-

Perils of Looking but Not Seeing

  Introduction As we go about our lives and work there is a good chance we often look but do not see what is around us. Depending on the situation this can either be harmless such as sitting at the window of train watching fields go by but can turn deadly such as looking at the traffic lights and failing to see whether it is red or green leading to crash as you go straight through.  The  key difference between them is to look at something means to gaze your eyes upon or acknowledge its presence. In order to see, not only does one look at the object but also understands it and pays attention to it. To look and to see are two different things, even if they both refer to visual perception. Visual perception is the ability to see and interpret our surroundings by processing information contained in visible light. Merriam Webster defines ‘looking’ as, “to ascertain by the use of one's eyes; to exercise the powe r of vision upon; to search for.”  In layman terms, to look at something mea

The Scourge of Phone Spoofing

  Introduction A trend which keeps increasing and sees people receive unwanted calls and messages is caller-id spoofing.  Number spoofing is when someone fakes outgoing caller ID info to show a number that isn’t theirs. The spoofed number often belongs to a real person or business, but not to the person using it to call you.   A common strategy is neighbour spoofing, which is when the caller displays a number with your area code so that you’re more likely to pick up. Scammers will even spoof the numbers of legitimate government agencies, banks, and insurance providers to fool people into paying fraudulent fees or revealing sensitive information.  The spoofers goal is  to make a profit by dishonest means. There are  difficulties  in presenting caller-id spoofing  because  it is not  illegal  as there  legitimate  use cases of it.  There are situations when number spoofing is arguably necessary, or at least understandable. For example, a doctor might display their office number when they