For a while now, my daughters have been using a laptop at home for games. A specific account was created for this purpose with limited access rights (no Internet at the moment!), access time and no password. Now, the youngest (six years old) has enough knowledge to type words on the keyboard.
Category: Security
Virtual Banking, Real Risks?
Announced on BBC News, Mindark, the developers of Entropia, get their license to perform on-line banking! Entropia is an online game defined as “The first virtual universe with a real cash economy”. The Swedish Financial Supervisory Authority accepted and issued a license to Mindark. It allows players to convert their
ISSA-Be Event: Targeted attacks: Balancing FUD, Reality and the Future
Back from the last ISSA Belgium Chapter event about targeted attacks. The speaker was Swa Frantzen. This is really a great guy who’s also a SANS ISC handler. Last year, he already made a presentation for ISSA about one day @ ISC. Less than twenty people attended the meeting today,
Dynamic Signature Verification
Authentication is a key point in security. How to be sure that the user behind the keyboard is really the one he pretends to be? A hand-written signature can be used as an authentication factor (but combined with another one – remember – strong authentication requires multiple factors). Basic signature
ActuSecu #22 is Out!
Release #22 of ActuSecu is out! Available here. Covered topics: Identity theft on the Internet, MD5 collisions and SSL certificate vulnerabilities, Conficker, FreeBSD telnet and Microsoft XML exploits and malicious RSS feeds.
Yubikey: One Time Password vs Static Password
I received my Yubikey a few days ago! Very good service from Yubico. Living in Belgium, the key was sent from Sweden (three business days to be delivered, tracking number, safely packed, etc). For those who never heard the word “Yubikey”, a small introduction. The Yubikey is a very simple
Safe Syslog Data Storage
Logs are important in your security policy. Each device in your infrastructure generates events and writes them to log files. Log files are stored locally and can be reviewed via the tool provided by the device manufacturer. However, it quickly becomes a pain to manage if you’ve hundreds or thousands
Gary McGraw @ OWASP Belgian Chapter Meeting
Back from the second OWASP Belgian Chapter meeting! This event had only one speaker but which one: Gary McGraw himself. What a wonderful speaker! He knows his topics and is able to keep the audience aware with a typical sense of humor. I liked it! Gary is the author of several
Unsafe Customer Data!
I received the following e-mail yesterday. It came from a Belgian e-commerce website. It’s a company active in a very specific outdoor activity (no name here, but if there are other customers reading my blog, they will for sure recognize the format). The customer base is restricted (but international). Sorry
Keep an Eye on SSH Forwarding!
OpenSSH is a wonderful toolbox. The main purpose is to establish encrypted connections (SSH means Secure SHell) to a remote UNIX machine and, once authenticated, to spawn a shell to perform remote administration. Running on port 22 (default), the client (ssh) and the server (sshd) exchange encrypted information (what