Thursday, February 18, 2010

Telspace is hiring (again...)

The past few months have been rather chaotic at Telspace Systems. Therefore, its time (once again) for us to look at hiring a few more security analysts for our unique Telspace team.

We're looking for extremely skilled security analysts (especially on the web application hacking side) who are passionate about information security, enjoy intense challenges, can work in an informal environment and have quite flexible time in their daily lifestyles. A major plus would be having some sort of Foosball skills.

If you think you have what it takes or that you might know of someone who makes the cut, please forward details on to us as soon as possible so that we can meet up and chat.

Take care,

Friday, February 12, 2010

Google buzz privacy flaw.

By now you have probably heard about Google Buzz. A new social networking service brought out by Google, allowing users to share updates, photos and by the looks of it your entire contact list and anyone you have emailed. It also encompasses factors from the well known Twitter and Facebook. With all new services, security factors are an issue and Google buzz is no different. A rather serious privacy flaw lies in it, exposing all your contact addresses and people you have emailed.

Once in google buzz you have a prompt with the following "You're already set up to follow the people you email and chat with." So by simply emailing someone you will now be "following" them and they will have access to you contact list.

One of the main issues being discussed about Google buzz is the automatic opt-in, in a sense forcing users into using the service. Then publicly disclosing your email and contact list, leaving your email open to spammers. All and all a bad move from Google. They seem to be taking a quick and serious response to the issues, with a couple fixes being brought out already.

However in the mean time google is asking for feedback, and you can give yours here:

In other news our submission wasn't accepted for the local security summit, yet the talk has been internationally accepted. We can understand and wouldn't want to side track the vendor talks and actually get some technical talks in there anyway. ;)

UPDATE: Well, Google has listened to everyones feedback and already fixed a number of the issues. For more info please read here.

Tuesday, February 2, 2010

Another post... finally.

Hi all, First off apologies for the rather dormant blog lately. Things have again gotten pretty chaotic on our side. The good kind of chaos though. We however are going to keep more posts coming your way.

For the year ahead we have already got a couple trips to Dubai and possibly Amsterdam planned. Although Dino might make me sign a few more NDAs before we head there. We also have a number of projects lined up which we will do our best to keep everyone up to date on. We wish you all the best for the year ahead.