Chat Program That Foils NSA Spying

The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts. Prompted by Edward Snowden’s revelations about

TFA for dummies – an overview

Simply put, TFA is based around the premise of using something you know – a password – and something you own – like a smartphone or the hardware token that some banks provide to users to gain access. TFA is perhaps the simplest method of attacking the password problem. When both parts of the password

New Facial Recognition System

And just when you thought it was safe to go back into the water… you realised that you had forgotten your disguise. But only, so far, if you live in the land of the free and the home of the Paranoid. After six years and over one billion dollars in development, the FBI has just

Treasure Map

According to top-secret documents from the NSA and the British agency GCHQ, the intelligence agencies are seeking to map the entire Internet, including end-user devices. In pursuing that goal, they have broken into networks belonging to Deutsche Telekom. Treasure Map is anything but harmless entertainment. Rather, it is the mandate for a massive raid on

The Future of Cryptography Is…

The hidden champion of online privacy is the random number. When you’re making a credit card purchase online or simply sending an email, you rely on encryption techniques that use long strings of random numbers to conceal your information. But there’s a big problem with this approach: True randomness is incredibly difficult to create digitally.

Spam sale

Below is a copy of an email I recently received. It  gives you an idea on the costs of spam. As we are all aware there is always someone who clicks on a spam link, and then there are also those that follow through with a purchase. Because of the profits that may be made, and the cheap

Buy Fake University Email Accounts

Researchers from Palo Alto Networks discovered stolen and fake .edu email addresses for sale on China’s largest online marketplace. Some of the sellers were upfront about stealing the addresses from current students, even providing tips to avoid getting caught by the legitimate college kid. Harvard emails fetched $US390, but you can buy others for as

This app requires…

A global survey of more than 1,200 mobile apps has discovered that 85% fail to provide basic privacy information. The global survey faulted apps for accessing large amounts of personal information without adequately explaining how they were collecting, using and disclosing personal information. Almost one in three apps appeared to request an excessive number of

Apple Pay

Apple’s confirmation that the iPhone 6 will enable contactless payments via NFC has received a broadly positive reaction from security firms and payment processing vendors. Apple said it wouldn’t access any payment data, so the transaction would take place between a user, bank and retailer. ‪This privacy, along with ease of use, are among the

Using Windows 8 Format command

Formatting a hard drive doesn’t completely erase the data on it. You must overwrite the data to securely destroy it, preferably multiple times. Windows 8 allows you do this with the format commandusing the /p parameter. The command is: Format H: /P:7 The number after /P: is the number of secure erases Windows performs (so in

Social Engineering Is Biggest Security Concern

Another in the series “It probably does not apply to you, but I’m sure you know someone who might benefit from reading this”. We should all know the basics of security to keep your information protected. However, many recent security and privacy breaches have had less to do with bad passwords and more to do

Cryptography I

Learn about the inner workings of cryptographic primitives and how to apply this knowledge in real-world applications! A free online course from Stanford. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications. The course begins with a detailed discussion of how two parties

Brute Force Attacks

A brute-force attack is, simply, an attack on a username, password, etcetera that systematically checks all possible combinations until the correct one is found. Scripts are usually used in these attacks, sometimes run from purpose built cracking machines loaded with custom chips and/or GPU arrays. In the worst case scenario, this process involves going through

Avoiding (And Removing) Windows Crapware

This post, if not for you, may prove useful for some of the people who use you as their IT go to guy [guy is a non sexist term]. Windows has a lot going for it, but it’s also saddled with one of computing’s biggest annoyances: crapware. Here’s everything you need to know about identifying,

Windows Security 101: EMET 5.0

EMET is a free tool, designed to help customers with their defense in depth strategies against cyberattacks, by helping block and terminate the most common techniques adversaries might use in comprising systems. EMET 5.0 further helps to protect with two new mitigations, and with new capabilities giving customers additional flexibility on their deployments. EMET helps