Crypto Jargon Hash Functions
A hash function is a completely public algorithm (no key in that) which mashes bit together in a way which is truly infeasible to untangle: anybody can run the hash function on any data, but finding the data back from the hash output appears to be much beyond our wit. The
Read More » Crypto Jargon
Security Pages that Count
With so many sites that offer helpful security information, this is my start of the must read sites.
Latest Reports ThreatPost – latest news of exploits HackerNews Browsers How they Work Browser Security Handbook Best Practices SSL Deployment Guide SSL Problems Survey of the SSL Implementation of the Most Popular Web
Read More » Security Pages that Count
We hear that the connection between our browser and a website like amazon.com is encrypted when we use https but how does that actually work? Learn about certificates and encryption in easy to understand terms.
Read More » Web Browser Security for the Layman
Building vs Buying a Dropbox Solution
Privacy, Security, Control, and Easy are trade offs we need to make on deciding our best solution. Recently, I found this option in cloud hosting from a NANOG thread. After installation and observing the speed, I was more impressed and wanted to know more and found this video of
Read More » Building vs Buying a Dropbox Solution
Self Signed Certificates another Layer
There is a lot of Internet press from companies and experts alike that self-signed certificates have to go away. It is a little unfair because they do have their place and if used within these limitations might even increase your security for certain edge cases. A few things to remember
Read More » Self-Signed Certificates can be Useful
Migrating Zimbra 7.2 32bit to 64bit on centos 6.5
I did this procedure before and I had a longer outage than I wanted. This time, we are doing it without taking down the old server with a very slight outage for just a few minutes. I also use front end non zimbra MX mail servers
Read More » Zimbra 32 to 64 bit migration version 2
Researcher Chris Paget pulled off a stunt at the Defcon security conference Saturday that required as much legal maneuvering as technical wizardry: eavesdropping on the cell phone calls of AT&T subscribers in front of thousands of admiring hackers.
Read More » Spoofing GSM Cell Base Stations
Registrar Domain Name Transfer
This use to be a very simple process but in recent years steps have been added to prevent numerous abuses. Unfortunately, we now have a process where registrar’s intentionally hold up legitimate transfers which is the point of this short note.
Recently I received an email from one of my current
Read More » Registrar Domain Name Transfer
SQL Injection Attacks
I don’t know about you but part of my education has always been to study code and learn the latest attack techniques. I enjoy reading code and have been doing this for longer than I can remember. Much of this code can be found with a google search or on some of
Read More » DEFCON 17 – SQL Injection Attacks
Take Away from Google I/O 2013
One of the problems with being too close to something is that you tend to be early on adoption. I would like to think with maturity and wisdom comes patience to wait before jumping in. After watching last year’s google i/o keynote, I immediately pre-ordered a 16GB nexus 7
Read More » Google I/O 2013