Rafe Hart

Thoughts on security, privacy, and building software.

What is Privacy Engineering?

05 January 2020

If you've heard of Privacy Engineering, you know it is rising rapidly in relevance, but in my opinion, it's not truly defined yet. It's 2020, the CCPA is in effect, and with surveillance, IoT, drones, facial and other biometric recognition, cryptocurrencies and increased regulation, it's going to be a pivotal decade for tech. Early last year, the concept of Privacy Engineering started gathering traction, entering the Gartner glossary, and being pushed by industry groups like the IAPP. It's an interesting area to understand, because it's a problem not yet fully solved, and relevant to us all.

Read More

Installing Hyperion on Kali Linux

17 October 2019

Hyperion is a runtime encrypter for 32/64 bit portable executables, typically used to evade antivirus software. Here are step by step instructions to build hyperion on your Kali system.

Read More

Installing xRDP on Kali Linux

13 October 2019

There are a lot of complicated tutorials on how to get xRDP working on Kali Linux, when using Gnome. I suspect the tutorials have become complicated as they address a variety of bugs that xRDP and connecting software has had over time, but there isn't much you actually need to do. Here are the steps to be able to RDP into your Kali box locally, and via an SSH tunnel over the internet.

Read More

The Coming US Privacy Law

03 February 2019

You may not be aware, but there is a new privacy law coming in the US, and though we don’t yet know the exact form it might take, it’s impact will be deeply felt. All around the world, new laws such as the GDPR are being enacted as governments struggle to catch up with technology. In Brazil the government has passed the LGPD, in Vietnam the government has passed similar legislation, under what is referred to as the ‘Cybersecurity Law’, and in California the state legislature has passed the CCPA. Many other governments are in the midst of a similar process, having their sights set on mandating digital rights, and enforcing data sovereignty, including the US government.

Read More

Installing Burp Suite on ChromeOS

21 December 2018

I recently purchased a Pixelbook while over in the US, and I've slowly been exploring it's capabilities. I really like it as a travelling device, and I've naturally been curious about what you can set up. VSCode, Signal and other apps all seem to work in the Linux sandbox environment, and it turns out that Burp Suite does as well. Assuming you have the linux environment installed, adding Burp Suite is reasonably straight-forward.

Read More

Your Anonymous Data isn't Anonymous

24 June 2018

It’s been said that data is the new oil, and for good reason; insights from analysing data can save money and create competitive advantage, especially as we combine data sets and start data mining. But individuals don’t necessarily want to be data mined, and laws like GDPR, GLBA, PIPEDA, FERPA, etc are limiting what we can do without that individual’s consent. GDPR in particular has no grandfathering of data collected previously, meaning that if you want to hold onto the data you have, you need to anonymise it.

Read More