/dev/random

Today, all organizations must take care of security. Not all of them have the same amount of data to protect nor the same level of confidentiality but they have to implement a security policy. If it’s rather easy to implement a security perimeter to protect against the Evil Internet, internal policies are much more complex [...]

Since the 6th of June, a great application is available (for free) in the AppStore. RSA released an iPhone version of its software token!
I already spoke about strong authentication on this blog. To resume, strong authentication is achieved by mixing at least two different types of authentication methods from the following list:

Something you know (a [...]

Next step in my investigations to implement a strong authentication process on my Linux laptop using the Yubikey. In a previous post, I explained how to use a Yubikey to authenticate on Linux with a PAM module. It works very well but, like I said in the previous article conclusion, strong authentication has to be [...]

In a previous article, I presented the Yubikey product. I also explained why, for security reasons, the usage of two separate Yubikeys could be a plus. One converted to provide a static password and the second left as is (to provide one-time passwords).
I received my 2nd Yubikey a few days ago (Benny, one more time, [...]

I received my Yubikey a few days ago! Very good service from Yubico. Living in Belgium, the key was sent from Sweden (three business days to be delivered, tracking number, safely packed, etc).
For those who never heard the word “Yubikey”, a small introduction. The Yubikey is a very simple USB-key recognized as a standard [...]

I got my new corporate laptop today, a Dell Latitude E6500, very nice computer. Working as a security consultant, I’m always on the road, connecting my laptop on customers or evil (free Wi-Fi access point or conference) networks . Fortunately, my company allows consultants, if they want, to manage their laptop by themselves (operating system [...]

According to their website, JanusVM is …
“a software that allows you to surf the Internet without oppression or censorship, while protecting your privacy, security, and identity. It has advanced filtering capabilities for modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk.
It’s a VMware guest built on [...]

Ironkey is known to distribute very secure USB flash drives. Physically protected by a rugged metal case, they are water-proof and tamper resistant. Data protection is based on a builtin crypto chip (via AES). They announced a few days ago a new service:
“IRONKEY INTRODUCES SILVER BULLET SERVICE TO ENABLE MANAGEMENT OF SECURE USB FLASH DRIVES [...]

I’ll not trust this terminal anymore! (Picture taken in the Louvain-La-Neuve shopping center last Friday) Fail!

Yesterday, I bought a new toy. There was a special offer in Aldi shops: A mini-notebook Media Akoya. The announced price was 399€. Arrived on site earlier (to avoid retired people waiting in front of the doors), it was available for 369€ but with a 80GB disk. Once at home, good surprise: the disk was [...]