Tag Archives: Security

The Email Self Defense Project

The Free Software Foundation has a new project aimed at getting people to install and use email encryption software. They have published a guide and infographic that demonstrates in simple terms how (and why) to set up GnuPG and then … Continue reading

Posted in General | Tagged | 3 Comments

Troy Hunt on the Cobra Effect

Troy Hunt comments on that incredibly silly tweet by British Gas explaining why they disable pasting into the password field on their site. I wrote about that here. Sadly, it turns out that this practice is more widespread than I … Continue reading

Posted in General | Tagged | Leave a comment

Encrypt Your Dropbox Data!

I’ve told you many times (here, here, here, here, and here) that if you’re using Dropbox and you have any file in it that you wouldn’t like to see on the Internet, then you better be encrypting those files. Dropbox … Continue reading

Posted in General | Tagged | Leave a comment

Password Silliness Epitomized

Remember how I told you of a sure tip off to an insecure site? Were you looking for an in-the-wild example? Well, here it is. The very apotheosis of a bad password policy. Forget, for a moment, the ridiculous explanation … Continue reading

Posted in General | Tagged | Leave a comment

More Password Field Silliness

The other day I wrote about the stupid password policies and handling that many sites have. It appears that I’m not alone in being infuriated by this nonsense. David Pashley has his own post documenting some of the silliness. In … Continue reading

Posted in General | Tagged | Leave a comment

Handling Password Fields

With the advent of the heartbleed debacle you’ve probably spent a bunch of time changing your passwords. I know I have. Having to update several passwords has opened an old wound: the really really stupid policies and coding behind password … Continue reading

Posted in General | Tagged | 4 Comments

Another GnuPG Tutorial

I’ve written many times about GnuPG and other programs that support the OpenPGP standard (the last time here). I really, really wish that everyone would start using it. That would certainly put a crimp in the NSA’s operations. Over at … Continue reading

Posted in General | Tagged | Leave a comment

The Security of the Apple Keychain

TidBITS has a great post on how Apple secures the iCloud keychain. An Apple device will remember passwords to sites you visit, WiFi nodes you join, and many other things. If you don’t do anything special, these credentials will be … Continue reading

Posted in General | Tagged | Leave a comment

Dual_EC_DRBG Expalined

Irreal readers are doubtless familiar with the broad outlines of the NSA’s insertion of a backdoor into the NIST Special Publication 800-90A elliptic curve random bit generator but may be unfamiliar about what was actually involved. Now Mother Jones has … Continue reading

Posted in General | Tagged | Leave a comment

The Dangers of the Digital Life

I’ve written before about how I’ve embraced the digital life and pretty much given up dealing with paper, pens, and all the rest of the traditional record keeping methods. Almost everything happens on-line and whatever paper documents I get are … Continue reading

Posted in General | Tagged | Leave a comment