Tag Archives | security

Steam Cannot Connect to Internet for Qwest DSL User: Steam.exe exception and Hung Updating

If you are a Qwest DSL subscriber using one of the Actiontec Q1000 models and in the last few days (around 11/11/11) you noticed that when you run Steam, it just hangs during Updating… and after a minute or so of waiting it pops up with a cryptic “Steam.exe (main exception): .. connect to the Internet“, even […]

Read full story Comments { 1 }

AWS Elastic Load Balancer sends 2 Million Netflix API Requests to Wrong Customer

What is it? If you are unfamiliar with Amazon Web Services (AWS) or their Elastic Load Balancer (ELB) service, ELB is a load-balancing service that you can use to spread incoming traffic across many different EC2 server instances. ELB, like all things in the AWS cloud, is a dynamic service that scales up and down […]

Read full story Comments { 3 }

Designing a Secure REST (Web) API without OAuth

Situation You want to develop a RESTful web API for developers that is secure to use, but doesn’t require the complexity of OAuth and takes a simple “pass the credentials in the query” approach… or something equally-as-easy for people to use, but it needs to be secure. You are a smart guy, so you start […]

Read full story Comments { 247 }

TSA “Nude” Body Scanners Fails to Detect Firearms

You know those hugely expensive/controversial XRay body scanners that the TSA is employing at airports around the US that have everyone up in arms? Well NBC News is reporting that they aren’t that effective, with “plant” FBI agents making it through the scanner multiple times with a firearm. Adding insult to injury, none of the […]

Read full story Comments { 0 }

QN: Google’s reCAPTCHA has been Cracked

You know those reCAPTCHA anti-SPAM boxes you see on every other site’s signup page or story-submission page for social sites? Well it looks like it has been cracked for a while and even though Google continues to deny it, a researcher has proven that it has in fact been compromised.

Read full story Comments { 0 }

Stop Companies from Tracking You with the Disconnect Chrome Extension

Most browsers provide a “Private” or “Anonymous” mode, but as some users have found out even in those modes browsers are still allowing companies to set Cookies that are used to track your location online. Some of the biggest offenders of location-tracking are Facebook, Google, Twitter and other mega-social news sites like Digg who’s socialization […]

Read full story Comments { 3 }

LinkedIn – A Social Network That Cares About Your Security

If you are a LinkedIn member you may have gotten a Privacy Notice email from them that went something like this today: This was in response to a security breach on a different site, Gawker.com, where a number of usernames and passwords were exposed. We want to make sure those leaked emails and passwords were […]

Read full story Comments { 1 }

NETGEAR Powerline AV 200 (XAVB2001) Ethernet Adapter Kit Review

NETGEAR’s Powerline AV 200 (XAV2001) adapters turns in strong numbers for a home network when compared to an existing Wireless-N solution; particularly over long, multi-room spans, even with noisy appliances in the way. In this review we measure the performance of the NETGEAR Powerline AV 200 adapters in increasing distances from our base station and compare […]

Read full story Comments { 29 }

AJAX SHA-1/256/384/512 Hash Generator Released

In addition to the other handy AJAX-enabled utilities we released, we’ve just added a SHA (1, 256, 384 and 512) generator utility to the collection. Enjoy!

Read full story Comments { 0 }

Foursquare and Gowalla iPhone Apps Sending Passwords in Plaintext

Martin Kou did some Wireshark’ing this morning on the Foursquare iPhone application and found out it is logging you in to Foursquare by sending your password in plaintext over the wire. Foursquare replied and said they are rolling out an HTTPS authentication-based login today which is good news, but seriously, 1 million users later and […]

Read full story Comments { 1 }

ATM Card Skimmer Crimes Rampant in South East

We reported on ATM Card Skimmers in the past. It was amazing to most readers (me too!) how “normal” the addition of a card skimmer on your average ATM looks. Of course they are manufactured to slip onto the equipment unnoticed, but there is always that hope that you are attentive enough to catch such a […]

Read full story Comments { 6 }

Google Throws Privacy Out the Window by Default with Buzz

Update #1: Today Google rolled out the first of what we hope is many of the Buzz privacy controls that were lacking at launch. The changes include: More visible option to not show followers/people you follow on your public profile Ability to block anyone who starts following you More clarity on which of your followers/people […]

Read full story Comments { 0 }

How to Crack any Padlock

Pretty awesome real-world algorithm guide for cracking any padlock out there — not that secure for folks in-the-know:

Read full story Comments { 0 }

ATM Card Skimmers – Hidden in Plain Sight and Hard to Spot

Recently ran across this article at KrebsonSecurity analyzing common ATM skimmers that they found installed around the city and I was amazed at how well hidden they were — I’m almost certain I’ve used an ATM or gas pump with a skimmer on it now that I look at these. One common theme that seems […]

Read full story Comments { 8 }

Re-entry into UAE / Dubai Fine for Americans and 34 Other Exempt Countries

If you have ever wanted to go to Dubai or anywhere else inside the United Arab Emirates and read recently about the new “no re-entry into the UAE in under 30 days” law that is going around you are probably thinking like I was: “Well, screw that trip…”. As it turns out, this law firstly […]

Read full story Comments { 1 }

Verified by Visa is Useless

I was just shopping on Newegg and decided to purchase some more RAM for my computer. I added the item to my shopping card, hit purchase, entered my Credit Card info and hit Finish. I had forgotten that I had enabled the frustratingly stupid “Verified by Visa” check-out security process in the past… I somehow […]

Read full story Comments { 10 }

Microsoft Will Never Understand Usability – Vista Device Driver Security Example

We took our first look at Microsoft’s inbility to create something genuinely useful and a minature review of Vista when we evaluated Windows Vista Backup at the beginning of the year. The premise of that article being that by evaluating a single program, and all the usability/functionality flaws it had, you got an impression of […]

Read full story Comments { 10 }

Using host.allow and hosts.deny for Quick Network Security

While configuring a firewall is by far the best way to secure your system, there are times when you need a way to access a remote server that doesn’t compromise security. A quick fix for boxes that need to be in the De Militarized Zone (DMZ) for a short period of time is to modify […]

Read full story Comments { 0 }

Software Algorithm to Recreate Keys from Photo Only

John Hering sent in a link to a story about UC Sand Diego computer programmers that have developed an image-recognition software algorithm that can reproduce a physical key only from a picture of the key. Maybe not the most surprising thing in the face of recently announced 2D-to-3D image generation technology, but leads to an […]

Read full story Comments { 0 }

WPA Wi-Fi Encryption Cracked

I guess it was only a matter of time utnil someone found a quick way to break WPA Wi-Fi Encryption.  Erik Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key used by WPA in a relatively short amount of time: 12 to 15 minutes.  So far […]

Read full story Comments { 1 }

Stream Your Video Feeds with Palantir

Snapshot from palantir.santinoli.com: Over the past couple of weeks I’ve dabbled with the idea to add a webcam to my personal site that monitored a couple of pet furballs. The task was not too straight forward. I ran into many hiccups with alpha software and missing libraries. Most of the software related to setting up […]

Read full story Comments { 0 }

Vodafone Study Confirms 25% of Security Breaches are due to Mobile Devices

Interesting tid-bit from Vodafone UK this morning, looks like after a long-winded study they found that: 25% of companies experience a security breach due to mobile device (notebook, cell phone) use in unapproved ways. 50% of employees have no idea their companies have mobile device use-policies in place. Sounds to me like the companies are […]

Read full story Comments { 0 }

Android's Unlock Screen is a Level of Security

Google’s Android mobile platform has a pretty interesting approach to the unlock screen that makes it more than just a simple way to avoid hitting buttons in your pocket. Android’s unlock screen actually introduces a new level of security to the device that didn’t previously exist on mobile phones without introducing an annoying new system […]

Read full story Comments { 0 }

Easy Encryption in Java and Python with Keyczar

Do you need to encrypt small text data, like serial numbers or customer numbers in your web application?  With the amount of data being transmitted online and the increasing need to protect customers against identity theft, encryption is the one and only choice to keep customers safe. Unfortunately, implementing encryption is a daunting task and […]

Read full story Comments { 0 }