Tuesday, July 1st, 2008
If you just shelled out some pretty pennies for the a high-speed, low-power SSD, Tom's Hardware may have stumbled onto some findings that won't sit well. According to a rigorous benchmarking session, they discovered that not only do the drives not save you battery power... they eat more of it. ...
Posted in General BS, Hardware | No Comments
Tuesday, June 24th, 2008
The interception of Internet traffic to snoop on phone calls or track surfers' behavior is a hot topic -- but what's keeping members of ICANN's Security and Stability Advisory Committee up at night is the interception of traffic to and from sites that don't even exist. They explained why in ...
Posted in Internet, Security | No Comments
Tuesday, June 3rd, 2008
For a while now I’ve been using different web browsers to compartmentalize my risk. Most of my primary browsing is in one browser, but I use another for potentially risky activities I want to isolate more. Running different browsers for different sessions isolates certain types of attacks. For example, unless ...
Posted in General BS, Internet, Linux, Privacy, Security, Software | No Comments
Tuesday, June 3rd, 2008
Access-Me allows users to test their web applications for authentication vulnerabilities. With this first release the user will be able to:
Resubmit the current page without session tokens
Resubmit the current page using different HTTP verbs (HEAD/SECCOM)
View reports on how the application handled the requests.
Access-Me 0.1 is available ...
Posted in Privacy, Security | No Comments
Sunday, June 1st, 2008
XSS (Cross-Site Scripting) Very Much Alive and Kicking
We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Wednesday, May 28th, 2008
Complexity is the enemy of security. Simple systems are inherently more secure than complex solutions. We see this idea validated again and again in security.
Unfortunately, our IT systems are getting more and more complex as we depend on technology to fuel business growth and innovation. But do we really need ...
Posted in General BS, Hardware, Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Thursday, May 15th, 2008
Eruces Data Security has secured a patent for its three-step encryption and key management scheme, which is designed to lock down data through its lifecycle.
The security firm’s so-called Tricryption technology first encrypts the data itself with symmetric keys, and then encrypts the keys and stores them in a central key ...
Posted in Internet, Privacy, Security | No Comments
Monday, May 12th, 2008
ZoneAlarm ForceField provides a protective layer around your browser, shielding you from drive-by downloads, browser exploits, phishing attempts, spyware and keyloggers. So your passwords, your confidential information, and your financial data remain protected.
While traditional security, such as firewalls, antivirus, and security suites, protects your PC, ZoneAlarm ForceField protects your browser ...
Posted in Internet, Privacy, Security | No Comments
Friday, May 2nd, 2008
IronKey Inc., maker of the world's most secure flash drive, announced today availability of the
8GB-capacity of its IronKey secure USB devices. IronKey brings unprecedented mobile data convenience and security to individuals and organizations with its rugged, waterproof and tamper resistant USB drives that include always-on hardware encryption, strong authentication, portable ...
Posted in Hardware, Privacy, Security | No Comments
Thursday, May 1st, 2008
The fundamental problem with two factor (2FA) session authentication is that the approach is vulnerable to Man in the Middle and Man in the Browser attacks. 2FA requires that customers present not only a password (something they know) when they log into online banking, but also demonstrate that they possess ...
Posted in Internet, Privacy, Security | No Comments
