The secure communication solution gets an upgrade.more »
Encrypting USB Sticks Protecting your USB sticks with encryptionJul 01, 2009
How easy is it to lose a USB stick? Why not protect your data just in case the stick falls into unfriendly hands?more »
Security Lessons The death of MD5 (and some SSL certificates)Mar 01, 2009
Researchers set out to compromise MD5 in an effort to convince people to stop using it. We explain how the attack worked and what this means for you.more »
The idea of an industry-wide common cryptography standard is certainly welcome. But self-interest usually precedes usability, so two industry consortiums are now vying over which standards to adopt, one on the side of Sun and the other leaning toward IBM/HP. Then there is an additional player in the Trusted Computing Group.more »
The Tor Project announces that it has removed all bugs that Coverity Scan had found in its software.more »
Charly's Column The sys admin's daily grind: Single-packet authenticationOct 01, 2008
Conventional, woodpecker-style port knocking is open to sniffing and brute force knocking attacks. Sending an encrypted packet with an access request to the server is safer and more modern. Learn more about Firewall Knock Operator, a.k.a. Fwknop.more »
Expert Security Intro Staying one step ahead of the intrudersJun 01, 2008
Internet intruders have many ingenious ways of escalating privileges and hiding their presence once they get inside your system. The best protection is to keep them out in the cold.more »
Enigmail Encrypting mail in ThunderbirdMay 01, 2008
Combining the Enigmail add-on and the GnuPG encryption software gives Thunderbird users a powerful tool for encrypting and signing email.more »
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.