Another SSL Attack – But Don’t Panic

SSL and TLS, the security protocols that protect most of our banking and ecommerce transactions, are a complicated beast – more so due to the many options they offer. Ars Technica, in an article titled “Noose around Internet’s TLS system tightens with two new decryption attacks”, discussed a paper presented at Black Hat Asia that describes […]

EU-US Privacy Safe Harbor May Be In Jeopardy

Max Schrems, whom I have written about before (see post), is continuing his fight against Facebook. He first took his battle to the Irish Data Protection Commissioner (DPC) since Facebook Europe is based in Ireland, but the DPC declined to take the case, because, it said, it had no legal requirement to do so (meaning […]

Radio Shack Puts Its Customer Database Up For Sale

Remember when you bought that phone or USB cable at Radio Shack and they asked for your name and email address? CBS is reporting that Radio Shack listed that as an asset in their bankruptcy and has put it up for sale. That means your name, address, phone number and purchase information are up for […]

Hilton Honors Web Site Flaw Found and Fixed

I have to both harass and compliment Hilton. Until recently, Hilton was offering Honors members 1,000 points to change their passwords. First the harassment: A security staffer at BancSec figured out that you could hijack any other Honors account by guessing or knowing the account number and making a small change to the site’s HTML. The […]
