UFC 126 recap

by javvad Malik with no comments

A couple of days ago we were treated to UFC 126.

Now there are plenty of cool MMA websites where you can get the full report from, but the super-short version is here:

Miguel Torres jabbed a midget for 3 rounds.

Rich Franklin looked like a midget against Forrest Griffin and was more or less tossed around like one.

Jon Jones further proved that with a bit of athleticism and freaky long arms anything is possible.

Steven Seagal is Anderson Silva’s Mr Miyagi and helped channel the awesomeness of the Karate Kid in a front kick.

Ummm and that was about it. A couple of other observations were:

Jon Jones got told he’s got a title shot after his victory. He disappointed everyone by not making a heel turn and clocking Shogun in the back of the head with a steel chair.

Anderson Silva likes to take the Vaseline from his face and rub it over his body before the fight starts. In the words of Tito Ortiz, “if you ain’t cheating, you ain’t trying”.


filed under Uncategorized

Security BSides is coming to London

by javvad Malik with no comments


The security community in London has always tended to be slightly envious of our American cousins. They’ve always ended up with the best conferences with the biggest releases and the coolest people. Only a few from Europe cross the pond, and even fewer do so with the blessing of an employer.

However, that has all changed, with Security BSides London being announced for April 20th 2011. The anti-conference of security conferences. No bells, whistles, sales people with no clue what they’re talking about or scantily-dressed booth babes. It’s the event where the elite security crew turn up to network, give talks and heckle one another. It’s the place where cutting edge real world security issues are brought to life.


So if you haven’t booked your free ticket yet, head over right now and sign up before they’re all gone.

Still not convinced? Check out the excellent marketing campaign on YouTube.


filed under Uncategorized

Post-Holiday Blues

by javvad Malik with 1 comment

I’ve figured out why everyone in the office is so miserable. At first I thought it was a simple case of the post-holiday blues. Or perhaps they were regretting all the calories they’d consumed whilst socialising with family they’d rather not see. But the reality is that people are miserable because of security.

They walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. So they have to wait 33.28 minutes on-hold listening to Jingle Bells because someone forgot to put the elevator music back on. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your manager’s name, your national insurance number… blah blah blah.

Finally, you’re told that your password has been reset to Password123.

Success? Nearly, because you’re not quite out of the woods yet.

You log on and the system asks you to choose a new password, and that goes somewhat like this:


And you wonder why people are miserable on their return to work.

filed under Security

My New Years Resolution

by javvad Malik with no comments

The New Year is always a good time to wipe the slate clean and start afresh. On a personal level many of us vow to make big changes in our lives. Spend more time with the family, lose weight, climb that mountain we’ve always wanted to climb and so on.

This year however, I’ve decided that I should make some specific professional resolutions with regards to information security.

Once I sat down to think about it, I realised it wasn’t an easy task. In order to make a resolution, you have to first admit there is a deficiency that needs correcting to begin with. So when someone asks you “what’s your resolution” what you’re really telling them is what you think is wrong with you.

Information security is not unlike most professional industries. Whenever anything goes wrong, it’s never really our fault. With a large number of people to point the finger at, it’s almost too easy to shift the blame. If there’s a security breach, you can blame the “lazy” developer for coding it wrong, the “incompetent” IT department for not patching it on time, the “ignorant” manager for not doing anything with the risk report you issued them with, or if all else fails, simply blame the “dumb” user.

So, this year, I’d like to set off on a more positive and accountable route. Not just personally, but hopefully something that my friends and colleagues in information security will also adopt:

If you’ve heard me talk about security but still don’t think it’s important.

That’s my fault not yours.

If you’ve seen my solution but don’t endorse it.

Then I haven’t understood your problem correctly.

If you’re bored of my presentation.

That’s due to my lack of passion and engagement.

If I fail to persuade you to implement a policy

That’s my fault too.

If a system is so secure it reduces your efficiency.

Then I need to design solutions that meet your business needs.

Wishing you a happy and prosperous 2011.

filed under Security

A new years message

by javvad Malik with no comments

As 2010 draws to a close, rather than send loads of cards, what better way to remind all your friends that you’re thinking of them as the calendar changes to 2011. So investing in the latest technology, hiring stuntmen, rigging explosions and bringing you the best new year video ever made…

filed under Video

A look back at 2010

by javvad Malik with 1 comment

I wasn’t going to write anything about this year in terms of a recap or future predictions, well purely because everyone seems to do it and it becomes a bit repetitive.

But I saw this Google video of the year in perspective and thought it’s worth sharing. – Enjoy.

filed under Video

UFC 124

by javvad Malik with no comments

I’ve had a pretty bad run of predicting UFC fights lately and it seemed like lady luck was against me. First Brock Lesnar got absolutely demolished and then Matt Hughes. If there was a slight silver lining it was that Rampage Jackson beat Lyoto Machida (barely).

But this weekend made up for all of it as Georges St-Pierre methodically took apart Josh Koscheck en route to a near perfect victory. People may complain that Georges wasn’t able to finish Josh, but personally nothing was more satisfying than seeing Josh getting punched repeatedly in the right eye for the full 25 minutes.

What a great early Christmas present!


I could tell you there were other fights on the card, but I honestly can’t remember any of them.

PS. Get healed up soon Josh. We need someone to root against in our fights :)

filed under Uncategorized

10 types of managers to avoid

by javvad Malik with 2 comments

As the old saying goes, you can’t choose your family, but you can choose your friends. I’m not sure which category managers fall into. On one hand they are thrust upon you by the organisation, “ye shall report to thee” and you have no say in the matter. On the other hand the counter-argument is, just change jobs.

But whilst you’re pondering over whether a manager is like family or a friend, let’s look at 10 types of managers we’d rather not work for.

10. Nothing’s good enough

You know the type, whatever you deliver is not good enough. It’s too soon, it’s too late, not enough words or not enough pie charts. Avoid him like the plague or sit in a purgatory of endless document revisions.

9. The reject

He’s the guy who seems normal enough until you try to go for a promotion. You realise he’s the guy who went for the job above him but got rejected and hence is begrudgingly doing his role managing you, whereas he could have been so much higher up the food chain. Expect to listen to plenty of sob stories of how he was wronged and how his superiors are all as corrupt as FIFA officials. He will wear you down and drain you of all enthusiasm and talent.


filed under Uncategorized

Random Security Picture

by javvad Malik with 1 comment

Is this what your web application looks like?


filed under Security

In flight safety card – what they really mean

by javvad Malik with 1 comment

So how many times have you been on a flight, probably on an international low-cost airline which is still using planes that your great grandpa used to fly back in the day and looked at that badly drawn safety card and wondered to yourself, “what does this mean?”

Fear not, they’re explained here.




filed under Uncategorized