- speak to folks at work
- high side/low side + DevOps? Integrity/confidentiality guarantees?
- Jack Teixeira case: how could this have been prevented? What were the failures?
    - likelihood of getting information/interviews on this: very low 😆
    - tie to the role of trust in securing networks and information, and the cases of [[Edward Snowden]] and [[Chelsea Manning]]?
- a minimal secure [[disaster recovery]] service?
    - Stick:
        - minimal, open-source OS that's familiar to users
        - encrypted drive
        - contains disaster recovery plans
        - triggers a signal when accessed
        - trial with an organisation
        - how to keep up to date?
        - is it obsolete because of cloud services?
    - Web:
        - create a minimal web service for the same purpose? encrypted S3 bucket, login with 2nd factor?
- [[Wardley map]] for [[business continuity]]
- Can misinformation by AI be counteracted with [[asymmetric|public-key cryptography]] to watermark videos and images?
- Something from Ian Levy's [goodbye note](https://www.ncsc.gov.uk/blog-post/so-long-thanks-for-all-the-bits)?
- What impact does paying/not paying ransoms have on [[ransomware]]?
- Using Flipper Zero in social engineering/red teaming exercises
- Writing a cybersecurity strategy/analysing/best practice around organisations dealing with at-risk individuals
    - maybe speak to micro-rainbow?
    - Greenpeace?
    - Amnesty?
    - Oxfam?
    - Diplomatic Corps?
        - everyone gets a `.gov.uk` address
        - Rosa phones?
- [[DNSSEC]] for a large-ish department?
- What if we had a qualification for being a software engineer/made it a protected term?
- architecture for systems where you don't trust the users, but they still have to do their jobs (privacy enhanced/privacy by default architecture)
    - or the auditors
- Analysis of systems where user identity has to be hidden, but work still has to be done
    - MindGeek
    - SouthbySouthWest
- synthetic companies, builds, and CV cleaning for individuals exiting sensitive industries
- how to secure the management plane of cloud management systems
- baseband/[[GSM]] modem security
- proof of concept for publishers to digitally sign books, and for Amazon to not allow unsigned books under an author's name
- a study/pilot project on the value of [[Software Bill of Materials]]
- implementing a project using [[Secure by Design]] principles
- Use of [[fully homomorphic encryption|FHE]] in securing tax/pensions/benefits systems
    - Is 'giving the answer' a leak of information or the point of the system?
- Run/fork [[Helios]] for my voluntary work, and give it some love at the same time
    - "Applying remote voting to the organisation of a small UK company to improve direct democracy"?
- Using a quantum computer to crack [[asymmetric|asymmetric encryption]]?
- deploying [[post-quantum compute]] in a large organisation