Millions of Insecure Devices Share The Same Keys

keySo how would it be if you found out that the key to your house also worked at your neighbor’s house.  What if it turned out the builder in your subdivision used the exact same lock on every house they built, and your key could get you into every house in your neighborhood?

This is essentially the situation that security researchers at SEC Consult discovered with a host of Internet connected ...

Continue Reading →
0

Crypto-Ransomware Round-Up

cryptolockerSome of the nastiest exploits going around are the many variants of the CryptoLocker and CryptoWall malware that encrypt all your personal files and hold them for ransom.  Payment in bitcoin is required, in amounts starting at $200 and ranging upward to the $17,000 (400 BTC) that Hollywood Presbyterian Hospital just paid to unlock their files.  Or even more.  The amount will be whatever the attackers think they can extract from the victim.

  • The latest ...
Continue Reading →
0

Why The Government Can’t Be Trusted with Back Doors

backdoorHow would you feel if, in order to gain access to a known terrorist’s house, the government passed a law that required every lock manufacturer to create a master key that would unlock every locked door anywhere?  What if the police promised that they would only use the key on the one house?  What if they promised to keep the key safe and secure so it could never get into the hands ...

Continue Reading →
0

Perils From The Edge – A Solution

turris-onamiaThere is a small company in the Czech Republic called Turris that developed a home and small office wireless router that may be the most secure small router available.  That is – when it’s available in April.  Right now its an Indegogo project.  You can pre-order it now for about $200.

This is an open-source project running OpenWrt.  According to the manufacturer, the router will be available in several ...

Continue Reading →
0

Perils From The Edge – Insecure Routers

juniper-networksAt the end of December last year Juniper Networks discovered that some malicious actors had added code to the firmware and software that run their routers, creating a back door that would allow attackers to access the router remotely, assume administrator privileges, and view and decrypt VPN traffic running through the routers.  As the story unfolded, it turns out that Juniper was using a random number generator from NIST, and that the Continue Reading →

0

Do You Need A Virtual Private Network?

encryptionA virtual private network, or VPN, is a type of network computer connection that creates a private encrypted communications channel, commonly called a “tunnel,” when using insecure networks, such as in hotels and coffee shops, or when communicating over the Internet.  Many businesses provide a VPN connection for their mobile and traveling employees.  This means that when out of the office, a worker can open the VPN and be connected to the ...

Continue Reading →
0

What is Security In A Box?

linux-logoAt the November meeting of Penguins Unbound, the local Linux Users Group, I was introduced to a group of people from CryptoPartyMN.  These guys and gals are serious about anonymity on the web.  On of the resources they discussed was a great website called Security in a Box.  If you would like to learn how to be more secure in your online communications, this is certainly a ...

Continue Reading →
0

New Tor Messenger App Offers Encrypted Communications

TORlogoThe Tor Project released the beta of their new Messenger app.  This messenging client is based on Mozilla’s Instantbird, and works with several popular messaging platforms, including Facebook Chat, Twitter, Google Talk, and Jabber.

The encryption piece is handled using Tor’s OTR Protocol (for Off-The Record), and requires that users exchange a secret key.  This is available in Windows, Linus, and OSX versions from the Tor website.

For more information:

Continue Reading →
0

Good Question

free-wifiMy Facebook friend Jeff Wegge asked:  “Security question Bob. Is the hotspot on my mobile verizon phone any more secure than public Wi-Fi?”

This is a most excellent question! Generally speaking, the mobile hotspot will be more secure for two reasons The first is that only you are likely to be using it, unless you explicitly shared the SSID (network name) and passphrase with someone else. The second reason is ...

Continue Reading →
0
Page 4 of 4 1234