Graham Perrin's Library tagged security → View Popular

Referred from http://news.cnet.com/8301-27080_3-10295348-245.html - grahamperrin on 2009-07-29
In the midst of the criticism, there's a highlight that has the potential for great good! - grahamperrin on 2009-07-29

Hacker Says iPhone 3GS Encryption Is ‘Useless’ for Businesses
July 23, 2009
21 more annotations...
- encryption included with the iPhone 3GS is so weak it can be cracked in two minutes
- with a few pieces of readily available freeware.
- the new iPhone 3GS’ encryption feature is “broken” when it comes to protecting sensitive information such as credit card numbers and social-security digits
- professionals using the iPhone for business don’t seem to care, or know, about the device’s encryption weakness
- are using iPhones for work
- Several employees of Halton Company
- possible for any hacker to find an infiltration
- a security expert performed an evaluation of Halton
- no matter the level of security
- Halton has measures in place to respond to an information security threat
- rather than attempt to avoid it
- prepare for disasters
- prepare for if there’s a crack in [information] security.
- “Apple may be technically correct that [the iPhone 3GS] has an encryption piece in it, but it’s entirely useless toward security.”
- Any reasonably intelligent criminal would remove the SIM card to prevent the remote-wipe command from coming through.
- Research In Motion’s BlackBerry, which can self-delete automatically
- after the phone has been inactive on the network for a preset amount of time.
- with the iPhone: Pressing the Home button, and even zooming in on a screen, automatically creates a screenshot temporarily stored in the iPhone’s memory, which can be accessed later.
  - Screen shots, site thumbnails, etc. are potentially very useful — a good thing! - on 2009-07-29
  Add Sticky Note
- In August 2008, Apple CEO Steve Jobs acknowledged the existence of a remote kill switch for iPhone apps
- There is no evidence that the kill switch has ever been used.
- be cautious about investing too much trust in the iPhone and the apps available for it

Our Reaction To Your Reactions To the Twitter Confidential Documents Post

www.techcrunch.com/...er-confidential-documents-post - Preview

Google password security robust easy guess recovery cloud 2009

Google has a ridiculously easy way to get access to accounts via their password recovery question
documents and sensitive information in the cloud and had easy-to-guess passwords and recovery questions
1 more annotations...
- encourage Google and Google users to consider more robust data security policies

21 Jul 09

Twitter’s @Ev Confirms Hacker Targeted Personal Accounts; Attack Was “Highly Distressing.”

www.techcrunch.com/...-attack-was-highly-distressing - Preview

hack security Twitter PayPal Amazon AT&T MobileMe Gmail Google Apple Inc. 2009

Hacker Targeted Personal Accounts
posted the compromised screen shots
15 more annotations...
- Hacker Croll
- Using password recovery techniques
- access to various Paypal, Amazon, Apple , AT&T, MobileMe and Gmail accounts
- unrelated to the hack of twitter where someone gained access to user’s accounts
- did not actually gain access to
- nothing to do with the security of twitter.com
- any Twitter accounts
- nor any administrative functions
- email was compromised
- Gmail account,
- where he got access to some of my credit cards and other information
- personal accounts (Amazon, AT&T, Paypal…)
- we can never be entirely comfortable with what we share via email
- The Gmail access, if true, would have been more troubling
- isn’t actually Twitter’s fault

13 Jul 09

JavaScript URL encoding with Apostrophe [timstall.dotnetdevelopersjournal.com]

timstall.dotnetdevelopersjournal.com/l_encoding_with_apostrophe.htm - Preview

JavaScript Microsoft security filter escape problem apostrophe space Diigo 43912 2009

apostrophe (%27)
sometimes the security filter on the Web Server won't even allow the escaped chars

28 May 09

SD4L - ScramDisk for Linux

sd4l.sourceforge.net - Preview

TrueCrypt Linux security 2009

Linux tools and a graphical user interface (GUI) which
allow the creation of, and access to ScramDisk encrypted container files
a Linux driver which enables mounting ScramDisk
containers
1 more annotations...
- opens and creates TrueCrypt containers from TrueCrypt
  version 4.1 to 6.1a

28 Feb 09

macosxhints.com - Install vpnc as a replacement for the Cisco VPN client

www.macosxhints.com/article.php - Preview

security vpnc unread Cisco Systems virtual private network 2009

13 Feb 09

CVE-2009-0014 - Secunia Advisories - Vulnerability Intelligence - Secunia.com

secunia.com/...CVE-2009-0014 - Preview

CVE-2009-0014 security 2009

Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com

secunia.com/33937 - Preview

CVE-2009-0014 security 2009

CVE - CVE-2009-0014 (under review)

cve.mitre.org/...cvename.cgi - Preview

CVE-2009-0014 security 2009

26 Nov 08

The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks.

www.owasp.org/Main_Page - Preview

security 2008

A fine glossary at this site. - grahamperrin on 2008-11-26

ratproxy

code.google.com/ratproxy - Preview

security web 2008

20 Nov 08

thinkbroadband :: London beats New York, loses to Paris

www.thinkbroadband.com/...s-new-york-loses-to-paris.html - Preview

Wi-Fi security unread 2008

more recent WPA2 standards are what people should ideally
with the number of open wireless networks those looking for free access are likely
to simply move on
- Those looking for something more disagreeable might stay until they get what they want. - on 2008-11-20
Add Sticky Note
2 more annotations...
- 20% of London businesses having an open wireless network might actually be because of open wireless access points in reception so visitors can check their own email
- minimal risk to company data
  - Maybe not to the company, but is the _visitor_ aware of the risks? - on 2008-11-20
  Add Sticky Note

08 Oct 08

Secure login without plain text passwords

On my reading list. Discussed in IRC. See also WebServerAuth.

plone.org/...n-without-plain-text-passwords - Preview

plone security unread Plone (software) 2008

07 Sep 08

thinkbroadband :: One in nine broadband users breaking law

www.thinkbroadband.com/...adband-users-breaking-law.html - Preview

security wi-fi 2008

WEP is inherently insecure and you should use it with caution

05 Sep 08

The days of desktop antivirus apps are numbered - at ZDNet.co.uk

resources.zdnet.co.uk/...0,1000002985,39451075,00.htm - Preview

security 2008

1 - 20 of 56 Next › Last »

Showing 20▼ items per page

Selected Tags

security

Related Tags

Top Contributors

Click in to find related links.

Groups interested in security

CIPP Information Privacy & Security News

Members (8)

bookmarks (761)
WPPS NEWS

Members (5)

bookmarks (437)
IB ITGS

Members (120)

bookmarks (626)

Related Lists on Diigo

Free Security Software

Free security software to h...

Items: 22 | Visits: 113

Created by: Matt G.
Defensive Web Programming

Links that came up during S...

Items: 16 | Visits: 181

Created by: Joel Bennett
Online Security

Everything related to onlin...

Items: 4 | Visits: 137

Created by: Call Me What You Want

Diigo is about better ways to research, share and collaborate on information. Learn more »

Join Diigo

Graham Perrin's Library tagged security → View Popular

Antivirus online virus scan — viruschief.com

IT Services: Staying Safe Online

DO

Security Incidents - List | Diigo

New Security Tools To Be Launched — Microsoft

Hacker Says iPhone 3GS Encryption Is 'Useless' for Businesses | Gadget Lab | Wired.com

The Anatomy Of The Twitter Attack

Our Reaction To Your Reactions To the Twitter Confidential Documents Post

Twitter’s @Ev Confirms Hacker Targeted Personal Accounts; Attack Was “Highly Distressing.”

JavaScript URL encoding with Apostrophe [timstall.dotnetdevelopersjournal.com]

SD4L - ScramDisk for Linux

macosxhints.com - Install vpnc as a replacement for the Cisco VPN client

CVE-2009-0014 - Secunia Advisories - Vulnerability Intelligence - Secunia.com

Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com

CVE - CVE-2009-0014 (under review)

Main Page - OWASP

ratproxy

thinkbroadband :: London beats New York, loses to Paris

Secure login without plain text passwords

thinkbroadband :: One in nine broadband users breaking law

The days of desktop antivirus apps are numbered - at ZDNet.co.uk

Selected Tags

Related Tags

Sponsored Links

Top Contributors

Groups interested in security

CIPP Information Privacy & Security News

WPPS NEWS

IB ITGS

Free Security Software

Defensive Web Programming

Online Security