
Follow Up To TSA Master Key Fail

In a classic TSA response, the TSA says that this is no big deal. First, here is what they said in 2003 when they introduced them: TSA official Ken Lauterstein described them as part of the agency’s efforts to develop “practical solutions that contribute toward our goal of providing world-class security and world-class customer service.” Now, […]


Why Are Software Development Process Audits Important?

D-Link makes a variety of network equipment, both for home and business users. They release the software for this equipment, for the most part, as open source software. This allows techie users to review the code to see if it does anything bad, and since the software is useless unless you bought the hardware, there […]


Beware How You Use Password Managers

Ars Technica wrote a piece on the continuing security flaw with password managers like LastPass and KeePass on Android. Technically, the problem is an Android problem, but users don’t really care about that distinction. The problem is that tools like LastPass and many others use the Android clipboard to automatically log you on to a […]


The Assumption Of Privacy – NOT!

Pierluigi Paganini, a fellow security blogger in Italy, wrote about a situation with Vodafone where a Vodafone employee rummaged through a journalist’s texts and phone calls to try to find the source of a story that the journalist wrote which was critical of Vodafone’s security. The journalist, Natalie O’Brien, pictured above, described it as “creepy […]


Password Reuse A Problem – 11 Million Ashley Madison Passwords Cracked Already

After the Ashley Madison breach, everyone breathed a sigh of relief because the passwords were hashed with bcrypt. Bcrypt, as used by Ashley Madison, hashed the password 4,096 times. That calculation meant that even with fast computers it would take centuries to crack all of them. Until a group of hobbyists – yes hobbyists, not professional […]
