Security
SSL unsafe for users?
“99% of SSL users have no idea how SSL works and consequently make informed decisions” Browser manufacturers try to make things easy for users but end up diluting the security properties …
History Of Buffer Overflow Protection
A great (old) post to Risks 22.74 about the past issues with designing solutions to buffer overflows in hardware. Also, a link to a paper describing the history of these efforts that I’ll be …
Pki'Not Working 39-
I still run into people who believe that PKI is a viable end-user authentication solution for the masses. My favorite were the systems that tried to solve the certificate portability problem by …
Crying'Security 39-
And now candidates are crying “security” to win elections… It works on both sides apparently. -J WSJ.com - Companies Cry ‘Security’ to Get A Break From the Government In …
Homeland Security Measures Ignore Fiscal Responsibility
Catching up on draft postings, this is one that is very timely today, although it was originally penned over a year ago. -J Message: 6 Date: Sat, 20 Sep 2003 14:26:14 -0800 From: “Rob, grandpa …
Reducing Your Exposure Running Dvarchive On Linux
I recently got a ReplayTV 5040 for a steal on closeout at buy.com and just love it. One of the most attractive features is how it is network-aware by default and that the community has created some …
Sony Style Warning needs a Warning?
Within the past month or so, I received a warning from Sony about fraudulent e-mails claiming to be from Sony but that actually were not. The deceptive e-mails were designed to lure Sony customers …
Best Buy Hoax Notification
Here is an excerpt from an e-mail I got today. If you ever get e-mail purportedly from a company that asks for you to divulge personal information, there is a high likelihood that it is one of the …
Cert Needs To Plug Leak
Confidential bug report gets sent to CERT. CERT sends it out to their advanced ISA (Internet Security Alliance: pay for early warning) group (Jericho calls “a vulnerability cartel) The bug …
Danger And Absurdity Of The Tsa No Fly List
John Gilmore points out how to have fun with bomb scanners by using hand lotion with Glycerine, or at least points out how easily such expensive equipment can be rendered useless. If equipment has any …