Tag Archives: Security

HUH?!?

Remote SSH access with a hard-coded password? In a security device? Today? Who does this? UPDATE: The answer, it seems, is just about everyone.

Posted in General | Tagged | Leave a comment

A Sad Security Prediction

Those of us who care about security will find this sad but in our hearts we know it's true: 1995: Every object in your home has a clock & it is blinking 12:00 2025: Every object in your home has a … Continue reading

Posted in General | Tagged | Leave a comment

Turn Off Adblock, Get Served Malware

I've written before about the horror that is adtech. Advertisers send us megabytes of Javascript for 500 words of content so that they can track us and build profiles of our habits and preferences. When users finally tired of this … Continue reading

Posted in General | Tagged , | Leave a comment

Diffie-Hellman Explained with Paint

A cornerstone of modern secure communications is the Diffie-Hellman key exchange. It solves the problem of two communicators who may not know each other and haven't previously agreed on a key to negotiate a secret key in public. This may … Continue reading

Posted in General | Tagged | Leave a comment

A Demonstration of How Hard Cryptography Is

In the battle over whether the government should require backdoors in cryptography products, the primary objection from those who actually know what they're talking about is that we're not smart enough to safely build in backdoors. That point is often … Continue reading

Posted in General | Tagged , | Leave a comment

Reporters and Encryption

Speaking of journalists, the Columbia Journalism Review gives them a good spanking for the terrible job they're doing in covering the encryption wars. In How not to report on the encryption ‘debate’, the CJR takes reporters to task for swallowing … Continue reading

Posted in General | Tagged , | Leave a comment

The TOR Attack

Fusion has a lengthy and informative report on the recent TOR attack. To some extent, the TOR project dropped the ball and failed to understand the seriousness of what they were seeing. The real villains, though, appear to be two … Continue reading

Posted in General | Tagged | Leave a comment

Password Enforcement

Ryan Winchester has a nice post complaining about the stupid password rules that some sites enforce. It's not that Winchester and the rest of us aren't in favor of stronger passwords or even that we mind some rules that might … Continue reading

Posted in General | Tagged | Leave a comment

Lenovo Yet Again

From Irreal's You Can't Make This Stuff Up department we have news of Lenovo once again secreting malware on their computers. This time it's on the top-of-the-line Thinkpad model widely assumed to be immune from this nonsense. I know lots … Continue reading

Posted in General | Tagged | 2 Comments

Turing Complete Documents

I thought this was pretty funny until I realized it applies to my beloved Org mode too. Why is it that the first thing we do after developing a new document format is to make it Turing-complete? Seriously what is … Continue reading

Posted in General | Tagged , , | 2 Comments