May the 4th marks Star Wars Day. Coincidentally, World Password Day, celebrated on the first Thursday in May, falls on May 4th, 2023. What a perfect excuse to bake a Darth Vader cake and write about passwords!
Tag Archives: cybersecurity
Easter Eggs – hidden ingredients in software and cake
What would Easter be without Easter Eggs and the taste of chocolate? Software, on the other hand, does not need Easter Eggs. Probably, there will be a few undocumented features accidentally anyway, without anyone implementing those on purpose. What about cake, then? Do you prefer your cake with or without easter eggs?
Cybersecurity awareness: carrots, sticks, and some carrot cake
Security awareness education sometimes consists of a mandatory boring lecture and an even more boring multiple-answer questionnaire. Having to take the training feels like a punishment. How can we make security training a carrot instead of a stick? Rewarding is one piece of the puzzle. Maybe you can even reward training participants with this lovely carrot cake?
Manage security debt and write some documentation!
For most people, writing documentation is boring! But what if I told you that writing technical documentation helps reduce security weaknesses? Writing down some notes also makes you a better baker.
Backup your data and your kitchen cupboard
March 31st marks World Backup Day. What a perfect time to check that there are backups of all your precious data! Remember also to check that you can restore the information if needed.
Sour phishing and sweet pie: the tastes of Valentine’s Day
Valentine’s Day is the time of roses, chocolate, phishing, and malware. Yep, the love letters you are getting to your inbox might be a scam!
Cybersecurity is not scary!
Hack! Data breach! Killware! Halloween is the perfect time to think that Is cybersecurity really so scary?
Apple pies and integer overflows
Autumn is apple season, so I started yearning for a yummy apple pie. Coincidentally, Apple recently released a patch for an arbitrary code execution vulnerability caused by an integer overflow. What a perfect excuse for baking an apple pie!
Cream and strawberries – baking security into the internet protocol stack
When the strawberry season is at its best, it’s my summer tradition to make a cake with layers of fresh strawberries and fluffy cream. Yummy! These delicious layers inspired me to write about baking security into the TCP/IP Internet protocol suite.
Threat modeling baking – when bread falls on the buttered side
Several things can go wrong with baking: meringue flattens, cookies are burnt, the cake is raw on the inside. These are something you can prepare for. Similarly, in cybersecurity, you can identify problems early and plan mitigations. This is called threat modelling. I’ll introduce threat modeling through baking analogies.
When cybersecurity goes overboard (and your cake too)
Especially chocolate cakes seem to sometimes be so filled, stuffed and topped with all sorts of chocolate that they go overboard. In fact, cybersecurity can also go a bit overboard sometimes. I’ll share my experiences of getting too enthusiastic and over the top with security along with a very chocolatey cake recipe.
What do vulnerabilities and bread rolls have in common?
Libraries in an application are like seeds in a bread roll. They are an inseparable part of the product. If the seeds are stale, the rolls might taste funny. And if the libraries contain vulnerabilities, the application can be vulnerable, too.
Bake Security In 