November 19, 2012 Added by:Bill Mathews
That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...
November 14, 2012 Added by:Infosec Island Admin
Sure, the schadenfreude is fun, and there are many gawkers and rubber necks out there watching with glee but in the end there is much more to this debacle. The bigger picture issues are multiple and, but to start lets just sit back and watch the calamitous demolition of those who partook and their hubris...
November 12, 2012 Added by:Electronic Frontier Foundation
Full Disk Encryption (FDE) is one of the best ways you can ensure all of the private information on your laptop stays private in case it's lost, seized, stolen, or if you choose to sell or give away your computer in the future. This feature has been built-in to many GNU/Linux distributions, including Ubuntu...
November 12, 2012 Added by:Pierluigi Paganini
The major concerns are related to the use of cameras of video devices such as PC, mobile devices and TVs to identify the user and verify its rights for vision and of course to determine his habits with the purpose to pack it for the best offer in terms of contents...
November 09, 2012 Added by:Mikko Jakonen
Criminals or 'adversaries' do not care about your papers. Period. Only a skilled set of controls, wisdom, and discipline in management secures the environment. Attackers will utilize every means to gain access your beloved environment...
October 31, 2012 Added by:Electronic Frontier Foundation
We released version 3.0 of HTTPS Everywhere, which adds encryption protection to 1,500 more websites, twice as many as previous stable releases. Our current estimate is that HTTPS Everywhere 3 should encrypt at least a hundred billion page views in the next year, and trillions of individual HTTP requests...
October 18, 2012 Added by:Alan Woodward
I recently wrote a piece for the BBC in which I tried to explain why steganography (as opposed to cryptography) posed a threat. Or least it might. The trouble is we don't really know, and the default position has been to assume that because we haven't discovered it being used en masse the threat is negligible...
October 09, 2012 Added by:Damion Waltermeyer
The power of parallelism cannot be overstated when it comes to these sorts of applications. Rather than go for a single powerful CPU, Adapteva has chosen to use a Dual ARM CPU with low power accelerator cores. This allows them to scale up cores cheaply and rapidly...
September 06, 2012 Added by:Scott Thomas
Learn about file versus whole disk encryption, as well as where keys are stored. Also learn to move the keys if you're going to wipe a drive. If I can offer anything to anyone about file encryption it would be to completely understand how it works before you play with live data...
August 02, 2012 Added by:Infosec Island Admin
One must know the technology and the problems with it before using it cognizantly. This unfortunately is not the case in what is being advocated by Quinn Norton on Wired with regard to Cryptocat. Specifically where she makes declamations about overthrowing governments with things like untested crypto schemes...
July 17, 2012 Added by:Ian Tibble
The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Lets look at ourselves before blaming others...
July 12, 2012 Added by:Fergal Glynn
The impact of Insecure Cryptographic Storage flaws when exploited is usually quite high due to the fact that the information that is usually encrypted are important things like personally identifiable information, trade secrets, healthcare records, personal information and credit card numbers...
July 12, 2012 Added by:Headlines
Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...
June 27, 2012 Added by:Headlines
"RSA has received many inquiries, press pickups, blog entries, and tweets regarding an alleged crack by researchers of the RSA SecurID 800 authenticator... an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true..."
June 25, 2012 Added by:Headlines
"[These products are] designed specifically to deal with the case where somebody gets physical access to it or takes control of a computer that has access to it... Here, if the malware is very smart, it can actually extract the keys out of the token.That's why it's dangerous"...
June 11, 2012 Added by:Ed Bellis
All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...
Should I be worried about my web application... on 12-21-2014
Does PCI Compliance Work?... on 12-21-2014