The Belgian Authorities will soon start an information campaign about “safe surf on the Internet” [1]. Prevention messages will be broadcasted on well known websites and radios. It is a nice initiative. Helas, security professionals know that the weakest element will always remain the end user. User education is important
Tag: Security
High Technology Snack?
Today I went with colleagues to a snack in Louvain-La-Neuve to pick up some food. This is a “standard” snack where students are employed like many others on university campus. But today, I saw a brand new box next to the door: It is a fingerprint scanner from Oytech, a
Belgian Police Website Defaced (again)
For the 4th time, a Belgian police website has been defaced last weekend (news in French). That leads me to several questions… In Belgium, there are several (196!) Police zones and Federal police services. I can totally understand that those services does not have the same needs in terms of
Do You Trust Your Applications?
Internet is a infinite source of free software! If you are looking for a small tool to automate tasks, convert files or make your life easier, there are chances that somebody around the world already wrote some code and distributed it for free on the Net. But, on a security
carprss.php Exploit
Since 29 February, this blog was hit by 400+ attempts to compromize the server and install an IRC bot. There is a new exploit of SiteBuilder in the wild. Hits came from the following compromized hosts: # awk ‘{ print $1 }’ <carprss.tmp | sort -nu 64.128.80.82 64.185.237.176 64.22.112.178 64.255.254.10
Common Belgian Platform Against Financial Security Threads
Good initiative from the Belgian banks: A campaign will start soon to warn the end-users about risks of financial fraud on the Internet (in association with Febelfin (Fédération belge du secteur financier), the FCCU (Federal Computer Crime Unit) and the CBFA (Commission bancaire, financière et des assurances). The banks will
Brrrrrrr!
In a previous post, I talked about whole disk encryption. More and more security incidents are reports by medias were laptop are stolen or list in the nature with thousands of ultra-confidential-top-secret-data. That’s why disk encryption becomes a hot topic at the moment. A “hot” topic? In fact, it’s more
You said “Goolag”?
The Cult of the Death Cow team is back with a new toy called Goolag. One more time, the Google search engine power is diverted to help webmasters to find security breaches in their web site(s). Of course, as a good boy, you will always use Goolag against your own
More TrueCrypt Stress Tests
Now that I’ve a fully encrypted disk… Let’s stress it! Just after the encryption process, I started Windows Update and installed 22 (!) patches. This operation generated lot of I/O. The system speed was “normal” (well, slow but normal for a P3 system). No big issue! No software complaint. It’s
TrueCrypt Whole Disk Encryption Test
In my previous post, I spoke about the new feature introduced in TrueCrypt 5.0: the whole disk encryption. This is a killer feature for all of us who carry lot of sensitive data on our notebook hard drives. The data mobility became a hot topic in IT security for the