A new release of TrueCrypt is available. What’s new? This feature sounds really interesting: Provides two levels of plausible deniability, in case an adversary forces you to reveal the password: 1) Hidden volume (steganography) and hidden operating system. 2) No TrueCrypt volume can be identified (volumes cannot be distinguished from
Metasploit on an iPhone
An other good reason to get an iPhone (still not announced in Belgium, btw): Metasploit is available on the iPhone. See Muts’ Blog.
Let’s Play in Sandboxes!
Children like to play in a sandbox. Computer users should also play in sandboxes… to increase their security! A sandbox is a mechanism (a software) used to execute untrusted applications. A sandbox can be seen as a light-virtualization system. True virtualization (performed with products like VMware, VirtualBox or Virtual PC)
Spoofed User-Agent by AVG
I just read an interesting story on The Register: It seems that the latest AVG antivirus is generating a lot of web traffic with spoofed user-agents (IE6). Read the story here: http://www.theregister.co.uk/2008/06/26/avg_disguises_fake_traffic_as_ie6/.
PktAnon : Packet Trace Anonymization Tool
A few weeks ago, I wrote a post about packet capture anonymization. When you have to share traces with other parties, anonymization can be a requirement. A new tool is available: PktAnon.
Everybody use screensavers! Initially, the purpose of those little applications was to preserve the phosphor used in CRT displays. There are thousands of screensavers available (well known are floating texts, slideshows, fireworks, etc). But screensavers can also be used to display useful information to the user and why not security
AdvFS Goes Open Source
HP announced that the AdvFS source code will be made open source. A few years ago, I worked with Tru64 and AdvFS. It was a wonderful file system but, unfortunately, Tru64 development stopped after the Compaq take over by HP. Let’s hope that the AdvFS source code will provide benefits
Microsoft, HP ship free tools to protect Web sites from hackers
Microsoft and HP released free tools to help web developers to protect their sites against SQL injection attacks. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9103138&intsrc=hm_list.
Lynis: Security and System Auditing Tool
Michael Boelen announced today a new release of his tool called Lynis dedicated to UNIX specialists. Michael is also the developer of RootKit Hunter. Quote from the homepage: “Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related
Nessus License Updated
Nessus is a well-known security scanner used by many administrators, consultants or independant. Tenable, which promote the Nessus product, announced big changes in the licensing model of Nessus. Read all details here.