Today is a very exciting day in the Sophos office – Naked Security is celebrating its fifth birthday!
Naked Security made its way into the world on 28 October 2010. The brainchild of Carole Theriault and Graham Cluley, the site brought all our security experts and blogs under one big Naked Security roof and aimed to be the voice of reason in a world gone mad.
Five years on and we think we’re still doing that, and the many awards we’ve won in that time hopefully back that up. Just this year we’ve won three, including our first ever award for our Chet Chat podcast.
I’ve been Editor-in-Chief for the last two and a bit years, and today we publish around 100 articles a month and send our daily newsletter to over 40,000 people.
From our regular contributors, Paul “Duck” Ducklin, Chet Wisniewski, John “JZ” Zorabedian, Mark Stockley, Lisa Vaas and Lee Munson, to our occasional contributors, John Hawes, John Shier, Ross McKerchar and the SophosLabs guys and girls, our subeditor Marcus Sanigar and our social media queen Kimberly Truong, the Naked Security team are a fantastic bunch of people.
(Note: Please email me if I’ve forgotten anyone, and I’ll edit this and we’ll pretend it never happened.)
So how have things changed in five years? I asked some of our writers to look at five big topics that have featured on Naked Security in that time.
It seems only right that we start with our longest serving team member and one of our most prolific writers, Paul Ducklin.
Paul Ducklin on Java
Remember Java? Nor do I. Actually, now I mention it, it’s all coming back.
It was called Oak, after a tree outside the inventor’s office. It was going to be the programming language that ran washing machines, that sort of stuff.
Anyway, Oak ended up embedded in your browser instead of your laundry – and Oak was too stolid a name, so it ended up as “Java”, because coffee makes the internet go round. And the crooks fell in love with it, because it had a few security holes, and then a few more, and so on and so on.
Eventually, Oracle bought Java and, one day, the company simply stopped Java working in your browser unless you really asked nicely.
And that was pretty much that for Java malware.
Five years ago it was everywhere, now you hardly see it. And that’s a nice fifth birthday present for all our readers, wouldn’t you say?
Mark Stockley on Talking Angela
WARNING FOR ALL PARENTS OR IF U OWN A TABLET OR IPHONE OR OTHER PHONE OR LAPTOP MAKE SURE U R SITTING DOWN WHEN YOU READ THIS COS THERE IS AN APP CALLED FACEBOOK THIS APP IS BEING USED TO SPREAD A HOAX ABOUT A KIDS GAME CALLED TALKING ANGELA!!!!!! THEY SAY THINGS LIKE : IT’S KIDNAPPING PEOPLE !! AND IT’S GOT A REALLY TINY PAEDOPHILE SAT IN ITS EYE AND HE’S LOOKING AT YOUR CHILDREN AND ASKING THEM WHERE THEY GO TO SCHOOL BUT IT HASNT ZOMG!!! A WEEK AGO NOBODY HAD HEARD OF IT APART FROM THE MILLIONS OF PEOPLE WHO USED IT AND NOW EVERYONE IS TAKING THEIR TECHNICAL ADVICE FROM STRANGERS WHO CANT EVEN FIND THEIR CAPS LOCK KEY LOL AND IM SCARED BECAUSE THE INTERNET IS GOING TO RUN OUT CAPITAL LETTERS IF WE DON’T STOP. ITS THE END OF DAYS PLEASE PASS THIS MESSAGE TO YOUR FRIENDS AND FAMILY AND TELL THEM TO READ NAKED SECURITY AND IT WILL ALL BE OK THX!!!!
John Zorabedian on the Snowden effect
Edward Snowden exposing the NSA’s sweeping surveillance programs was a major event in privacy and security, but over two years later, is there a long-lasting “Snowden effect”?
When comedian/muckraker John Oliver asked average Americans what they thought of Snowden, many of them couldn’t even identify who he is, and those who could had a poor understanding about what Snowden’s leaks revealed.
A March 2015 survey found that nearly half (46%) of Americans said they were “not very concerned” or “not at all concerned” about NSA surveillance.
Now, you’re likely to find different results in, say, Germany, where Snowden is revered.
But if Americans aren’t concerned enough about NSA surveillance to push for reforms, the Snowden effect could amount to very little change at the NSA.
And yet, I’d argue that Snowden did bring about a sea change in how big technology companies like Google, Apple, Microsoft and Facebook treat our privacy and security.
People may not realize it, but the next time they lock their shiny new iPhone or Android smartphone, automatically turning on device encryption – or send an encrypted message over iMessage, WhatsApp or Facebook Messenger – they have benefitted from the Snowden effect.
Lisa Vaas on selfies and oversharing
Image oversharing has been undeterred by the deluge of nudes that rained down on us in breaches over the past few years, be it Celebgate or the Snappening, et al.
Take the Snappening, for example.
A study found that 75% of college undergraduates said the spillage of 100,000 private images wouldn’t change how they would use the service.
People like sharing photos, epic breaches or no.
Research shows that only face-to-face encounters top Snapchat when it comes to making users happy.
Like parent, like child, or vice versa: the average parent will upload an eyeball-popping 973 photos of their child onto social media by the time they reach the age of 5, and 17% of them ignore privacy settings.
Is it any wonder that police have recently begun to beg parents to stop shredding kids’ privacy by oversharing their images?
No, with the exception of George Clooney passing out burner phones for his wedding, our oversharing hasn’t changed much in the past 5 years. In fact, it’s probably got a lot worse.
At least Celebgate prodded Apple into turning on two-step verification (2SV) for iCloud: a silver lining on the scummy cloud of stolen photos!
Lee Munson on data breaches
Five years ago Target’s tills weren’t on speaking terms with its air conditioning system, men around the world were happily chatting with Ashley Madison bots, and we weren’t hearing about a new data breach every day.
But then something happened.
Hacktivists, bored teenagers, cyber jihadis and all manner of other miscreants suddenly found the wherewithal to deface the capitalist web into oblivion.
Cybercriminals discovered modern websites were still prone to SQL injection, and PCI DSS checklists ticked into submissive compliance, as if both were something new.
CEOs became CISOs, despite lacking both information and security.
How lucky we are then, the innocent non-victims of the latest breach.
But surely our time will come, for it is clear that record levels of investment in information security are being undone by a skills shortage never before seen in Earth’s history.
Or so the media would have us believe.
The last word is left for you
Naked Security wouldn’t be the same site without the feedback we receive from you, our readers. So please, keep commenting on the site, keep posting on our Facebook page, keep sending us emails and keep tweeting us. We love hearing from you.
And if there’s anything you’d like to see more of on Naked Security, please leave a comment below. We’re always looking for ways to make this site even better!
14 comments on “Happy birthday Naked Security!”
Happy Birthday 🙂
Wow!…how time flies!! Happy Birthday to you!
Happy birthday from me too!
Since I haven’t a clue where else to post this, I’ve been wondering for quite a while: Has there been any discussion of the possibility of Lisa joining the ChetChat “team”, even if just as an occasional guest or fill-in?
While she seems to specialize more in social-engineering issues than hardware-firmware-software glitches and vulnerabilities, I’m sure Paul and Chet would welcome her company, as would we all.
Happy birthday to my favorite oxymoronically-named computer security blog! 😀
The origin of the name makes it not quite as oxymoronic as you might think.
IIRC, Graham and Carole (see article) were en route to our Boston office in the era that those full body “perv scanners” were still in use at some US airports. They both got scanned and – given the reputation of those scanners and the sort of images they could capture – one of them said to the other as they exited from the checkpoint, “Now THAT’S what you call naked security…”
In a light-bulb moment, that phrase was added to our list of possible names (we hadn’t gone live with the new blog format yet)…and in the end, our readers picked it out from a shortlist. (Don’t ask me what other names were on that final list. Some of the unsuccessful ones I can’t remember, and at least one of them them I wish to forget 🙂
Ah, good to know the back story! 🙂
Happy, Happy Birthday!
Naked Security has made a HUGE difference to my life.
I’m a senior citizen, some refer to my age group as elderly! Anyway after I eventually retired around five or six years ago I got on a steep learning curve and used a computer for the first time. One day crypto locker followed, But I Never Paid!
After all of this I heard about Naked Security, signed up for the daily newsletter, check out your blog daily. I have learnt SO MUCH from all of you, and have even been able to help friends.
Congratulations on turning five and all the awards I have seen you collect over time, and for all your articles, helpful info, with just the right amount of humour!
Thank You everybody at Naked Security…………..You Do Make A Difference!
Happy b-day, and thank you for keeping me up-to-date on computer security matters.
5 years! That’s tremendous Well done to all!
happy birthday and thanks for the articles!
Happy Birthday. Keep up the good work 🙂
Happy birthday and thanks for all the great info you have given all of us!
Congrats to everyone, including our loyal readers. We certainly couldn’t make 5 years without your support, advice and encouragement.