Attack on the Tor network

Officials with the Tor privacy service have uncovered an attack that may have revealed identifying information or other clues of people operating or accessing anonymous websites and other services over a five-month span beginning in February. The attack  bears hallmarks attributed to a an attack slated for description in a cancelled Black Hat conference presentation. However,

Introduction to Linux

Develop a good working knowledge of Linux using both the graphical interface and command line, covering the major Linux distribution families. This course explores the various tools and techniques commonly used by Linux programmers, system administrators and end users to achieve their day-to-day work in a Linux environment. It is designed for experienced computer users

New apps frustrating spooks

Wiretapping used to be straightforward. Potential drug lord? Bug his phone! But the proliferation of online chat options is making it hard for law enforcement officials and intelligence agents to carry out court-ordered wiretaps. One former U.S. official said that each year “hundreds” of individualized wiretap orders for foreign intelligence are not being fully executed

Remember Complex Passwords

If passwords are considered the bane of the data security industry, it’s partly because humans are awful at choosing them: By some counts, we still pick “password” a facepalm-inducing one in 20 times. But a study from two researchers at Microsoft and Princeton suggests there’s hope for those much-maligned secret strings of charters. Randomly generate

Internet of Things: 4 Security Tips

The military has been connecting mobile command posts, unmanned vehicles, and wearable computers for decades. It’s time to take a page from their battle plan. The Internet of today, what some are calling the Internet of Things (IoT), is a network enabled by embedded computers, unobtrusive sensors, worldwide systems, and big-data analytic environments. These systems,

Hello neighbour

When I broke into my neighbor’s home earlier this week, I didn’t use any cat burglar skills. I don’t know how to pick locks. I’m not even sure how to use a crowbar. It turns out all anyone needs to invade a friend’s apartment is an off switch for their conscience and an iPhone. This

The Russians Are Coming

The Russian Ministry of Internal Affairs (MVD) has offered a 3.9 million ruble (approximately $111,000) contract for technology that can identify the users of Tor, the encrypted anonymizing network used by Internet users seeking to hide their activities from monitoring by law enforcement, government censors, and others. The MVD had previously sought to ban the

What else is out there?

Security outlet VUPEN has revealed it held onto a critical Internet Explorer vulnerability for three years before disclosing it at the March Pwn2Own hacker competition. The company wrote in a disclosure last week it discovered the vulnerability on 12 February 2011 which was patched by Microsoft on 17 June 2014. The flaw affected Internet Explorer

Internet of Things – home alarms

When it comes to the security of the Internet of Things, a lot of the attention has focused on the dangers of the connected toaster, fridge and thermostat. But a more insidious security threat lies with devices that aren’t even on the internet: wireless home alarms. Two researchers say that top-selling home alarm setups can

Tails security flaw

Think you’re safe from spies because you’re using Tails, the same Linux distribution that Edward Snowden uses to remain anonymous? Unfortunately, you’ll still have to be on your guard. Security firm Exodus Intelligence has revealed that the latest version of the OS, 1.1, is vulnerable to attacks that could be used to unmask your identity.

TrueCrypt rescued as CipherShed?

CipherShed is free encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project. Whois: Registrant Contact Information: Name: Niklas Lemcke City: Muenster State: NRW Zip: 48147 Country: DE Phone: +0.886972880771 Email: niklas.lemcke@gmail.com It’s still very early days, but I’m sure most of us are hoping it

Tor cancelled

A highly anticipated talk on how to identify users of the Internet privacy service Tor was withdrawn from the upcoming Black Hat security conference, a spokeswoman for the event said on Monday. The talk was cancelled at the request of attorneys for Carnegie Mellon University in Pittsburgh, where the speakers work as researchers.

Online Tracking Device

What do the White House and YouPorn have in common? Their websites both use canvas fingerprinting, a newer form of online tracking designed to make it hard to hide. ProPublica investigated the pervasive shadowing method, developed as an insidious alternative to cookies so websites can keep tabs on where their visitors browse online.

It’s not going to get any easier

Internet of Things I got an email from my car the other day, informing me about its need for service. As a security professional, I found it unsettling, not surprising, but unsettling. What’s my car doing on the Internet, anyway? What are the possible implications of that? Tesla Model S hacked The Tesla Model S

Morning reading

Feds have his number In May 2014, I reported on my efforts to learn what the feds know about me whenever I enter and exit the country. In particular, I wanted my Passenger Name Records (PNR), data created by airlines, hotels, and cruise ships whenever travel is booked. But instead of providing what I had requested,