Google announced the other day that it will now enable HTTPS by default on Gmail. Previously a user had to either manually type in HTTPS or change a setting to default to it, something most people likely never bothered to do. Google says it’s not related but it seems oddly coincidental that this [...]
Archive for the ‘Security’ Category
Two Security Updates
This patch Tuesday I have 3 updates for this XP box. Two of them seem rather similar yet one is given a title that’s much more obvious than the other. Why is one a “security update” and the other merely an “update”. I’m guessing severity, but I don’t think this is very [...]
Security Through Obscurity TSA/GSM Edition
It’s impossible to write code these days without having to study security to some extent. The byproduct of this is that since digital security concepts are based largely on real life, you see the obvious gaps in real life “security”. The quotes are intentional because many/most attempts only provide the feeling of security [...]
Plugin Check
Mozilla’s Plugin Check just launched. Considering 30% of Firefox crashes are plugin related, and they are often the source of security issues, it’s worth making sure you’re up to date.
It’s pretty simple to use. Just visit the page, and update the plugins that need to be updated. At the end of the [...]
Coin Tosses Not Totally Random
It’s generally assumed that a coin toss is “fair” because it’s considered “random” as long as you don’t use a double headed coin. In fact professional sports like football use it. While previously known or at least suspected, it’s not so random. Research shows it has a 1% bias. Making the [...]
Feds Alarmed About RFID Reader At DefCon
This is pretty amusing. Federal agents were apparently surprised that there were RFID readers hidden at DefCon, the most cut throat (and amusing to read about) hacker convention. Why they would carry anything containing a RFID chip inside is beyond me, but even more interesting is that they were surprised by this.
The article [...]
RFID War Driving
I’ve been a critic of RFID for the purpose of identifying people from early on because the concept is inherently flawed despite the insistence of people paid to insist otherwise. Chris Paget is in a widely circulated story regarding him driving around Fisherman’s Wharf with $190 worth of gear (likely not bought with an [...]
Phorm’s UserAgent
There’s a fair amount of controversy regarding Phorm a company who plans to target advertising by harvesting information via deep packet inspection. They are already in talks with several ISP’s. I’ll leave the debate over Phorm from a user perspective for someplace else.
They claim to offer ways to let websites opt [...]
Locking The Front Door But Leaving The Back Open
Here is an amusing yet failing attempt at security available in the App Store called Spaghetti Pad. Here’s the description from the app developer:
Is somebody always looking over your shoulder, snooping on your iPhone? Sure, we know. That’s why we built Spaghetti Pad. It’s a semi-private notepad which obfuscates your notes so they’re more [...]
Google AdSense And SSL
Google’s implementation of AdSense never ceases to amaze me. AdSense has been a major source of revenue for many websites for a few years now and has allowed many businesses to succeed where previously they would have had little chance. It’s a great program and I appreciate how it allows websites to monetize [...]
