|
Which news topic is most interesting to you?
| |
Viruses & Worms |
 | |
Safe Programming |
| |
Policies |
| |
General Security |
| |
Cryptography |
| |
Countermeasure |
| |
Corporate Security |
| View Results |
There is currently 0 registered member(s) and 2 guest(s) that are online.
|
|
|
Free and Open Source Encryption Software
Posted by: ttye0 on January 19, 2010 09:07
|
[0 comment(s)]
[Submit Comment]
|
|
One of the best ways to protect sensitive computer data like credit card numbers and social security information is to use encryption software. Encryption software executes an algorithm that is designed to encrypt data in such a way that it cannot be recovered (decrypted) without access to the key. It is a main component of all aspects of file protection and computer communication. Files on hard drives and other removable media, email messages, and packets sent over computer networks can be made secure by encryption software....[more].
|
Is your secure USB flash drive really secure?
Posted by: ttye0 on January 12, 2010 14:07
|
[0 comment(s)]
[Submit Comment]
|
|
If you're like me, you've taken to carrying important data on USB sticks or flash drives. They're handy, you can use them on any PC, and with built-in encryption even if you lost them it was no big deal. Bad news: It's now a big deal. The German security company SySS GmbH discovered that many, but not all, of today's encrypted USB sticks and flash drives are actually vulnerable to a relatively easy attack. It is not that the encryption itself-usually AES (Advanced Encryption Standard) encryption--that has been broken. It hasn't been. Despite what you may have read from some fear-mongers, AES remains unbroken.
What has happened though is that it appears many vendors didn't think through how they let people use the encryption in the first place. When you use a new encrypted USB drive for the first time, the drive already has a default device password. When the device's software asks for you to enter a password, it places its device password on your computer to authorize your drive and your password. Once on the computer, SySS discovered that you could watch the password authorization process. ...[more].
|
SQL Injection Strings
Posted by: ttye0 on January 07, 2010 07:54
|
[0 comment(s)]
[Submit Comment]
|
|
SQL injection attacks are executed via front-end Web applications that don’t properly validate user input. This tutorial is not going to go into detail on why these string work but it will show you how you can form these SQL Injection Strings which can be used to hack any website....[more].
|
Code that encrypts world's GSM mobile phone calls is cracked
Posted by: ttye0 on December 29, 2009 13:54
|
[0 comment(s)]
[Submit Comment]
|
|
A German computer engineer said Monday that he had cracked the secret code used to encrypt most of the world’s mobile phone calls. In an attempt to expose holes in the security of global wireless systems, 28-year-old Karsten Nohl cracked the 21-year-old GSM algorithm, which is used to encrypt 80 percent of the world’s mobile calls, reports the New York Times. Nohl revealed his success at the Chaos Communication Congress in Berlin, Germany. He said that 24 people worked independently to reproduce the code book, or binary code log, for the algorithm, which contains the equivalent of about two terabytes of data....[more].
|
Chrome OS Security Overview
Posted by: ttye0 on November 25, 2009 11:37
|
[0 comment(s)]
[Submit Comment]
|
|
Google has put up a very interesting document explaining the security features underlying its Chrome OS. The document also details the underlying guiding principles of Chrome OS' security features. In short, it comes down to process isolation, secure auto-update, verified boot, encryption, and more. Google's goal was to make the system practically secure and easy to use. In order to achieve this goal, the team followed four guiding principles....[more].
|
Blog: Authentication Changes
Posted by: ttye0 on November 16, 2009 08:18
|
[0 comment(s)]
[Submit Comment]
|
|
There have been some changes to the code that handles user authentication and account information storage. If you are unable to login or reset your account password successfully please feel free to contact me. You will find a link on the left side of this page for contacting me.page for contacting me. [less]
|
How to DDOS a federal wiretap
Posted by: ttye0 on November 13, 2009 10:11
|
[0 comment(s)]
[Submit Comment]
|
|
Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the U.S. The flaws they've found "represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial," the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago. Following up on earlier work on evading analog wiretap devices called loop extenders, the Penn researchers took a deep look at the newer technical standards used to enable wiretapping on telecommunication switches. They found that while these newer devices probably don't suffer from many of the bugs they'd found in the loop extender world, they do introduce new flaws. In fact, wiretaps could probably be rendered useless if the connection between the switches and law enforcement are overwhelmed with useless data, something known as a denial of service (DOS) attack....[more].
|
An important Linux fix
Posted by: ttye0 on November 09, 2009 11:32
|
[0 comment(s)]
[Submit Comment]
|
|
Most of the time you can go for months, years, without patching your Linux distribution and not be in any real danger. A recently uncovered security hole in the Linux kernel does deserve your attention. Specifically, Earl Chew, a Linux developer, and, at about the same time, Brad Spengler, creator of the Linux security program Grsecurity, discovered that there was a possible null pointer error that could, in theory, enable non-root users grab administrator privileges. You don't want that to happen. This particular bug, known in developer circles as CVE-2009-3547, hits all modern versions of the Linux 2.6 kernel It's been fixed in the upcoming 2.6.32 RC (release candidate), but unless you're running on Linux's bleeding edge, you're not running that version of the kernel....[more].
|
Canonical Takes on Win 7 With Ubuntu 9.10 RC
Posted by: ttye0 on October 26, 2009 09:35
|
[0 comment(s)]
[Submit Comment]
|
|
Canonical on Thursday made available the Release Candidate of its latest Linux-based operating system, Ubuntu 9.10, on the same day Microsoft launched the long-awaited Windows 7.
The upcoming Canonical release, which is code-named Karmic Koala, is the latest version of the popular flavor of the Linux OS. The development release on Thursday pushed the OS one step closer to final release, which is due on Oct. 29, according to the company's release schedule Web page....[more].
|
Why Security Matters Now
Posted by: ttye0 on October 19, 2009 13:56
|
[0 comment(s)]
[Submit Comment]
|
|
Today's most compelling technologies are giving you the biggest security headaches. Social networking sites such as Twitter, Facebook and LinkedIn enhance collaboration and help your company connect with customers, but they also make it easier than ever for your employees to share customer data and company secrets with outsiders. Virtualization and cloud computing let you simplify your physical IT infrastructure and cut overhead costs, but you've only just begun to see the security risks involved. Putting more of your infrastructure in the cloud has left you vulnerable to hackers who have redoubled efforts to launch denial-of-service attacks against the likes of Google, Yahoo and other Internet-based service providers. A massive Google outage earlier this year illustrates the kind of disruptions cloud-dependent businesses can suffer.
But there's also good news. Even though the worst economic recession in decades has compelled you to spend less on outsourced security services and do more in-house, your security budget is holding steady. And more of you are employing a chief security officer....[more].
|
|
|
"The way is not in the sky. The way is in the heart."
-Buddha
|
|
|
|
