Message digests for forensic purposes
I found a question in my studies whose answer I didn’t like. So I’ll repeat the question and the choices, and state what I think the answer should be and why I think that way. Any experts out there who...
View ArticleDon’t reuse your Zappos.com password
Online shoestore Zappos.com got hacked. Among other things, the hackers got names, addresses, e-mail addresses, and encrypted passwords. That’s not as bad as getting unencrypted passwords, but there...
View ArticleChange your Linkedin password now
If you use the professional social networking site Linkedin–which I recommend, albeit now with caveats–you need to be aware that someone stole at least part of its passwords database and leaked it onto...
View ArticleThe CP/M-DOS forensics don’t prove much
I saw the headline on Slashdot: Forensic evidence trying to prove whether MS-DOS contained code lifted from CP/M. That got my attention, as the connection between MS-DOS and its predecessor, CP/M, is...
View ArticleDon’t let what happened to Mat Honan happen to you
Technology journalist Mat Honan infamously had his entire digital life hacked and erased this week. Slate published some advice to keep the same from happening to you, and my former classmate and...
View ArticleOffice 2010, early impressions
I’ve mentioned several times that I hadn’t seen Office 2010 yet, so I couldn’t comment on it, and would reserve judgment until I’ve seen it. I’ve been working for companies that were a bit behind the...
View ArticleHow to send banking documents securely over e-mail
When you’re getting a loan, sometimes you have to send documents like bank statements electronically. If you want the money in those bank accounts to actually stay there, you need to protect those...
View ArticleHow to encrypt PDF files for free
Yesterday I wrote about the importance of encrypting documents before you send them via e-mail. But what if you don’t have a PDF creator, other than Microsoft Office or Open/Libre Office? It turns out...
View ArticleArs Technica looks at asymmetric enryption
Ars Technica posted an overview of asymmetric encryption recently. This is a good introductory look at encryption, specifically, asymmetric encryption. It’s not everything you need to know, but I think...
View ArticleHow to set up powerline networking securely
When you live in a neighborhood where everyone has a wireless network, you’ll struggle to get adequate coverage in every room of your home. That’s just the nature of wireless networking; we don’t have...
View ArticleThe 1 TB-ish SSD: The Micron M500
Anandtech has a review of the Micron M500, which is the first 960 GB SSD to retail for less than $600. Micron had to make some decisions to get that combination of capacity and price, so it’s not truly...
View ArticleDon’t read too much into the PC sales drop just yet
If you’ve been paying any attention at all, you probably know that new PC sales are in the toilet–out of the five biggest vendors, the only one whose sales managed to hold steady in Q1 2013 was Lenovo,...
View ArticleLinksys isn’t the only company building insecure routers
I warned a few days ago about Linksys routers being trivially easy to hack; unfortunately many other popular routers have security vulnerabilities too. The experts cited in the article have a few...
View ArticleWhat to do about PRISM is unclear as of yet
I haven’t written a lot yet about Mr. Edward Snowden and the NSA PRISM program. I will in time, but want to be careful not to be spreading misinformation, and not to merely be repeating what everyone...
View ArticleBad news about smartphones, but maybe not all bad
When you install Java on a Windows box, it brags that it runs on 3 billion devices. It’s not joking. A fair chunk of those 3 billion devices are the SIM cards that register your cell phone on its...
View ArticleNo, healthcare.gov won’t get you hacked
A professional hacker did a Q&A session on one of the local TV stations earlier this week. Someone asked him if signing up at healthcare.gov presented a danger of getting their identity stolen or...
View ArticleHostsman makes it easy to block malware with a hosts file
I’ve written before about using the hosts file to block domains that are hosting malware. The idea is pretty simple. There’s a known list of domains that are either hosting or controlling malware, so...
View ArticleCutting through the fluff around the Target PIN breach
OK, so Target is back in the news, and it’s nowhere nearly as bad this time but there’s some posturing and some fluff in the news, so I’ll take it upon myself to demystify some of it. Some of it’s PR...
View ArticleWhy last week’s “news” of the NSA’s quantum computer project doesn’t bother me
Last week, another Snowden leak surfaced that stated that the NSA is working on a quantum computer capable of breaking all known current encryption, trivially. I didn’t find this shocking. When I was...
View ArticleWhy you need to guard your Backup Exec servers
If you have a Windows domain, there’s a fairly good chance you have Backup Exec servers, because you probably want to take backups. Because you need them. (As a security guy, I no longer care how you...
View Article
