We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
If you're like me, you've taken to carrying important data on USB sticks or flash drives. They're handy, you can use them on any PC, and with built-in encryption even if you lost them it was no big deal. Bad news: It's now a big deal.
Am I sending sensitive information for hackers to sniff? Further concern is data security. With traffic taking place between the Netbook and the Internet cloud, hackers can sniff out Internet packages and intercept information between a PC and a Wi-Fi router. Most companies use encryption via VPN software to hinder hacking attempts, but this may not be possible with Chrome OS.
Developer Crowded Road has had a rather difficult time getting its Security Cam App approved. In fact, its claim its app was submitted to Apple back in December of 2008, yet was just approved recently. This lengthy approval time shouldn't be too surprising, as the idea of turning one's iPhone into a possible spying device could be a troubling concept to some.
Does this bother anyone, or is it just the cost of flying these days? How do you think the government could misuse this information? Here
This week brought some bad news for mobile phone users. German security expert Karsten Nohl showed how easy it is to eavesdrop on GSM-based (Global System for Mobile Communications) cell phones, including those used by AT&T and T-Mobile customers in the U.S. to make tools available for people to verify its insecurities.
Leading security expert Bruce Schneier was in London this week on a whirlwind lecture tour. ZDNet UK caught up with the ex-NSA man, who is now BT's chief security technology officer, at lectures in parliament and at University College London.
Intrusion protection system (IPS) technology is gradually adapting to virtual computing, as IPS vendors add to their product lines actual virtual IPSes as well as IPSes that protect virtual machines. Sourcefire's recent release of VMware-based virtual appliances was the latest arrival to the market of IPSes that work with virtual machines. IBM ISS also offers a virtual IPS, and TippingPoint has plans to roll out a virtual IPS offering as well.
Installing OpenVPN is easy and platform independent. Modern Linux systems, such as SuSE, Red Hat, Debian, or Ubuntu, provide sophisticated installation and package management systems, and still offer other ways to install the software. In this two-part article by Markus Feilner, we will install it on different Linux versions and FreeBSD.
The Electronic Frontier Foundation sued the CIA, the U.S. Department of Defense, Department of Justice, and three other government agencies on Tuesday for allegedly refusing to release information about how they are using social networks in surveillance and investigations.
Fingerprint checks on foreigners at border controls will begin at the end of November, says the UK Border Agency. In addition to usual checks at UK border controls, from 30 November, 2009 overseas nationals arriving in the country will have their fingerprints scanned.
Technology consultancy Detica today announced a new technology which could help internet service providers (ISPs) monitor illegal file sharing over the internet, but the firm was quick to point out that the system does not identify individual offenders.
The Internet Corporation for Assigned Names and Numbers on Tuesday condemned the practice of redirecting Internet users to a third-party Web site or portal when they misspell a Web address and type a domain name that does not exist.
Large swaths of the world are subject to censorship, or else track their citizens' use of the Internet. Free program Freenet lets you anonymously browse the Web, share files, chat on forums, and more--no matter where you are. Download and run the software, and you become part of a decentralized P2P network that uses encryption and other tools to keep you hidden and anonymous. As you browse, your data is encrypted and sent through a series of Freenet nodes, making it very difficult to track you.
Popular videos and articles get reposted or discussed on dozens or hundreds of sites. But Web experts are now thinking about how to keep track of online conversation in real time, even when it's scattered all over the Web. A new crop of protocols aim to do just that.
Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the U.S. The flaws they've found "represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial," the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago.
A test case fought by the Electronic Frontier Foundation (EFF) has shown the extent to which the US government is willing to bend the law in its quest for data it wants. Indymedia is a news aggregator for left-wing and libertarian writers and on 30 January one of its volunteer administrators Kristina Clair received a grand jury subpoena from the Southern District of Indiana federal court.
Ever wonder exactly what Google knows about you? Google today took a step to help answer that question with the unveiling of Google Dashboard, which is designed to let users see and control the copious amounts of data that Google has stored in its servers about them.
Google's biggest threat is no longer Microsoft. It is itself. As the company harvests copious quantities of personal data, it becomes dramatically better at serving customer needs... ...and at freaking them out over privacy concerns.
Often we need to secure communication channels, not for remote workers, but for server-to-server communication. Backups, for example, come to mind. It may be fine to use SSH or stunnel to ship data securely, but when performance is required and encryption cannot slow down communication, something else is necessary. OpenVPN is easy to configure, but it may not be sufficient.
Users who fear that the access credentials of their email accounts have appeared on the recently published list can now run a test to check. On Serversniff, Thomas Springer has set up a page that checks whether an email address appears on the known lists. To run the test, users simply enter the part of their email address before the "@" and the system will display any matching entries. However, only the first and last letter of the password will appear.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
