General

Do Not Encrypt Passwords - Why, You Ask?

January 13, 2012

Encrypting passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper...

Comments (2)

Hacker Halted: Moxie Marlinspike on SSL Authenticity

November 02, 2011

An in-depth examination of the current problems with authenticity in SSL, some of the recent high-profile SSL infrastructure attacks in detail, and some strategies to definitively fix the disintegrating trust relationships at the core of this fundamental protocol...

Comments (1)

Black Hat USA 2011: Jeff Hudson - CEO - Venafi

August 09, 2011

While encryption was once used almost exclusively to protect information using SSL certificates and symmetric and asymmetric keys to scramble data, now it is also used in authentication mechanisms to confirm the identity of a user or a device, and for digital signing to protect data...

Comments (0)

Most Liked

Latest Member Comments

"This has spurred a thought process in my brain. Good article and good thoughts. I am still rolling it around in my head, but the though..."

CISO 2.0: Enterprise Umpire or Wide Receiver... Michael Farnum on 05-22-2012

"@CP & Ali, Ayup, no hand wringing, no jingoism... I assume the house Un-American Activities commission will soon have me keel haul..."

Hard Power, Soft Power, and the Power of Dig... Krypt3ia on 05-22-2012

"Also, am I understanding this properly? Is this Eric Byres suggesting air gap security is a myth because of the fact that the network b..."

Protecting SCADA Systems with Air Gaps is a ... Marc Quibell on 05-22-2012

"I understand. Thanks for the clarification."

Facebook "Like" Button = Privacy Violation +... Didier Trarieux-Lumiere on 05-22-2012