Today no one doubts the usefulness of data encryption. It’s a fact: IP traffic and stored data must be encrypted using more and more powerful tools. Data can also be encrypted on mobile devices like PDAs. But what about SMS? Tapping of mobile communications is not easy for the common
Tag: Security
Take Care of Rogue Free Software Mirrors
Yesterday, first of May, the new OpenBSD release was made available! Like major big open source projects, to be able to serve all the download requests, the source code is available through mirrors around the world. I read the following post on the security-announce mailing list today: “It has come
Use Google Mail as a Sandbox
Google announced via his Official Gmail Blog the support of TIFF and Powerpoint files in their Gmail application. PDF files were already supported for a while. For a few months, PDF files have been hit by several security issues and recently, a zero-day exploit targeted Powerpoint files. Why not use
Tell Me How You Work and I’ll Monitor You!
Today, I read an interesting story in Datanews, a Belgian IT newspapers. To briefly resume, “Company A”, the customer, complains about “Company B”, the telecom operator, which installed a telephone central at the first one premises. During a weekend, hackers took control of the system and used it perform calls
When a Picture is Worth a Thousand Words
A security awareness is mandatory but can become quickly boring! Sometimes, a good picture is worth a thousand words. During a Google Image search, I found this one excellent! (Source: Minnesota States Colleges and Universities)
Strong Authentication with Linux
Next step in my investigations to implement a strong authentication process on my Linux laptop using the Yubikey. In a previous post, I explained how to use a Yubikey to authenticate on Linux with a PAM module. It works very well but, like I said in the previous article conclusion,
How a Buffer Overflow Works
Seen on blog.wired.com, a very good explanation about a buffer overflow attack (a very common method to compromize a system or application): blog.wired.com/27bstroke6/2009/03/conficker-how-a.html.
Yubikey Authentication on Linux
In a previous article, I presented the Yubikey product. I also explained why, for security reasons, the usage of two separate Yubikeys could be a plus. One converted to provide a static password and the second left as is (to provide one-time passwords). I received my 2nd Yubikey a few
Family Security Awareness Training
For a while my daughters are using a laptop at home for games. A specific account was created for this purpose with limited access rights (no Internet at the moment!), access time and no password. Now, the youngest (six years old) has enough knowledge to type words on the keyboard.
Virtual Banking, Real Risks?
Announced on BBC News, Mindark, the developers of Entropia, get their license to perform on-line banking! Entropia is an online game defined as “The first virtual universe with a real cash economy”. The Swedish Financial Supervisory Authority accepted and issued a license to Mindark. It allows players to convert their