Although NSA's elite joint special operations command brags that they've been able to track switched off mobile phones for almost a decade, no one quite knows how they did it.
A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.
We laughed at the tin foil nutters, called them crazy, but now that it's been found that the US is spying on everyone, of course they're nowhere in sight now that we need them.
Should we trust that LinkedIn won't do anything bad when we give it our email account credentials? The better question is: Why on Earth are we even doing that in the first place?!
It has the hallmarks of an advanced threat -- compromising the supply chain, being familiar with the server architecture -- but one startup managed to thwart being robbed by having a keen set of eyes and encryption in place.
Yahoo pays US$12.50 for a cross-site scripting vulnerability that could compromise email addresses. Does that mean it doesn't take security seriously? Not necessarily.
The worst happens: Your security vendor is caught out implementing double-decade-old and flawed algorithms to secure your password. But if administrators had picked a good password, it actually doesn't matter.
The incumbent Australian government might be clueless about its cybers when it crows on about the digital economy, but it turns out the Coalition isn't much to look at, either.
Buying a new phone every time you want to make a call is secure, but it's stupid if you want to do anything of value. Likewise, when it looks like companies are adopting a consistent two-factor system, I shake my head when they go in another direction in the interests of "security".
People worry that Google is accepting code from the NSA and pushing it into Android, but really, don't we want some of those code breakers showing us how to do it right?
When is two-factor authentication not? When it's as bypassable as Yahoo's.