In a previous post, I talked about US authorities who have rights to read your hard drives. Today, Microsoft announced a new toy USB stick called COFEE: Computer Online Forensic Evidence Extractor. “The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which
OpenID and the Belgian eID
In a previous post, I talked about OpenID: This is a single sign on system for a multitude of websites. To perform my first tests, I installed the OpenID plugin on my WordPress and used an ID created on myopenid.com. It worked pretty well but why not use a strong
XP SP3 Changelog
The 3rd service pack for Windows XP will be released soon. Here is a changelog. It seems that the pack is already available for download ( ~350MB). The new features regarding security are: Network Access Protection Credentials Security Service Provider Enhanced security for Administrator and Service policy entries Microsoft Kernel
Big Brother is *really* Watching You!
Take care if you travel to the United States. It was a long story but finally authorities have now the right to analyze data contained on hard drives! The US Court of Appeal confirmed their rights to check the files stored on incoming notebooks! Source: http://www.reseaux-telecoms.net/actualites/lire-les-douaniers-americains-ont-bien-le-droit\ -de-copier-les-disques-durs-des-visiteurs-18062.html (French link)
Daily caffeine ‘protects brain’
Caffeine is often associated to evil. Sometimes it’s good, sometimes it’s not. This time, it’s positive: http://news.bbc.co.uk/2/hi/health/7326839.stm It’s time for a coffee break! 😉
NAP, 802.1x, VMPS & Co
Not a very long time ago, security was still focussed on the external side of networks and all bad guys playing on the Internet. Now, the perimeter security (DMZ, firewalls, IDS and other toys) is performed by mature technologies and devices to protect your network against external attacks (but never
OpenID – SSO for the Mass
User authentication is a key component of security practices. To allow certain operations in your websites, you first need to authenticate the user. To achieve this, there are plenty of methods. The most common is the login / password pair. Not the most secure but quite easy to deploy. One
DNS (un)Management
Today, I registered to a web cast event. Unfortunately, I lost my password. So I used the “lost password recovery ” feature provided on the website. But the temporary password didn’t reach my mailbox. Second try, same result!? After some unsuccessful investigations, I checked my SMTP log file and found
Security @ Work
Today I received a Powerpoint file from a friend. For security reason, I do not read them with Powerpoint. As always, I opened the file via the Gmail Powerpoint Viewer (can we trust even friends?). The slide show contained funny pictures about security at work (from all domains). I decided
Cisco Routers : Penguins Inside?
It has been officially announced by Cisco: Application eXtension Platform (AXP) enhances the capabilities of the Cisco Integrated Services Router (ISR) by enabling a tighter integration between the branch network, IT and application infrastructure. Ok, what does it mean? High-end routers were already able to run TCL scripts. Now, thanks