Security

HTML5 security issues

HTML5 has opened many new possibilities for developers. Now you can use web technologies to build full mobile applications, not just web pages. When you are building those application you need to know The Security Risks of HTML5 Development, because HTML5 includes a number of useful features that pose as double-edged swords from a security

Keeping Your Data Private From the NSA

For the last week news sources have been full of controversy over the NSA’s controversial PRISM surveillance program (check the latest comments on my Security trends for 2013 article) after top-secret slides detailing the massive electronic surveillance programme were leaked last week by ex-CIA techie Edward Snowden. If those newspaper reports are accurate, the NSA’s

sshpass

The recommended way when you need to do SSH communications (let it be SSH or SCP) from a script is to use secure public key authentiaction to authenticate with the other end. With this you can open SSH connections without putting any passwords to your scripts. But sometimes the best solution is what you can

The Politics of Security

Well known security guru Bruce Schneier has an interesting blog posting titled The Politics of Security in a Democracy. It tells that terrorism causes fear, and we overreact to that fear. Our brains aren’t very good at probability and risk analysis: We think rare risks are more common than they are, and we fear them

SCADA security basics

Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services products such as electricity, natural gas, water, waste treatment and transportation. SCADA software runs on regular computers, but is used by owners of critical infrastructure and other various types of industrial facilities to monitor and

Tietoturva nyt! 2013 – data security now

Finnish Communications Regulatory Authority Viestintävirasto had a Tietoturva nyt! 2013 security seminar two weeks ago. Viestintävirasto has now published the seminar presentations. Most of the presentations are in Finnish, but there are also four presentations in English. If networking and cyber security interests you those are worth to check.

NSA Google Search Tips

There is so much data available on the Internet that even government cyberspies need a little help now and then to sift through it all. Wired article Use These Secret NSA Google Search Tips to Become Your Own Spy Agency tells that the National Security Agency produced a 643-page book Untangling the Web: A Guide

The age of the password is over?

You have a secret that can ruin your life. It’s not usually a well-kept secret. Kill the Password: Why a String of Characters Can’t Protect Us Anymore article tells that just a simple string of characters—maybe six of them if you’re careless, 16 if you’re cautious—that can reveal everything about you: Your email. Your bank

One Man Pinged the Whole Internet

What Happened When One Man Pinged the Whole Internet article tells about a home science experiment that probed billions of Internet devices reveals that thousands of industrial and business systems offer remote access to anyone. Moore’s census involved regularly sending simple, automated messages to each one of the 3.7 billion IP addresses assigned to devices

Spamhaus DDoS attacks

A fight between a spam-fighting group called Spamhaus and a Dutch Web host Cyberbunker has been called the biggest public DDoS battle in history in the news. Spam-fighting organization Spamhaus (helps to block spam from entering e-mail in-boxes) has been in a battle over the last week that has seen distributed denial of service (DDoS).