Time to ditch QuickTime for Windows

Windows + QuickTime = Uh-oh!Here’s a fun one:

The Department of Homeland Security (??) announced that QuickTime for Windows has 2 nasty security flaws.

They also say that Apple is no longer providing updates for QuickTime for Windows, so they are recommending that QuickTime be uninstalled from Windows machines.

So… DHS? What?!

(more…)

Why HTTPS and SSL are not as secure as you think

SSLIn this day and age of well-known NSA spying, everyone keeps saying that the only way to be safe is to use SSL/TLS, commonly known as “browsing with https://”.

The sad reality is that HTTPS does virtually nothing to protect you from the prying eyes of alphabet soup agencies – or anybody else with enough knowledge about how these supposedly “secure” connections actually work.

It’s true that connecting to web sites with SSL will certainly prevent “script kiddies” and other more winky opponents from eavesdropping on your surfing or otherwise interfering in your affairs. But as for the Real Bad Guys, forget it…

We shall begin by taking a brief dive down the rabbit hole of SSL, hopefully in a way that will make sense to even the least technically inclined among us.

This issue is, after all, so extremely important that I think everyone needs to understand what is really going on, and how web security actually works, without needing a PhD in cryptography, computer science, or engineering!

(more…)

Big Brother Techniques to be Revealed at Black Hat USA 2009? Big Deal!

Big Brother is watching

NetworkWorld has an interesting article entitled How to use electrical outlets and cheap lasers to steal data. The article discusses a presentation that will be held at the Black Hat USA conference later this month.

The deal is that two researchers are supposedly going to demonstrate how keystrokes can be read from a remote computer using either a laser, or signals transmitted over the ground line coming from a nearby computer.

While these techniques might be interesting to know about, somehow I think we have bigger things to worry about.

Read on to see what I mean…

(more…)

Securing your Wi-Fi Connection

Secure Wi-FiMany people these days use a Wi-Fi (IEEE 802.11) router, or they have a broadband modem with built-in wireless. It’s amazing to me that in this supposedly “high-tech” and “high-security” age, many people still are completely unaware just how wide open their home network really is.

With a Wi-Fi modem, usually your provider will be smart enough to lock down your wireless connection for you. But if you bought a wireless router or access point and set it up yourself, there are a few things you should know to keep others from “stealing” your connection and using it for nefarious purposes…

(more…)

Making Strong Passwords – and Keeping them Safe

lock-and-keyEveryone is totally crazy about security these days – especially computer security. We’ve all got antivirus software, a firewall, spyware scanners, and god knows what else loaded up on our PCs to protect ourselves from the “evils” of a networked world.

Some of us choose to use certain operating systems that we believe are inherently secure, while the reality is quite different. I remember hearing all about how “ultra-secure” OS X Tiger was in comparison to Windows XP. I know a lot of people who believed this, and who even went out of their way to harp on XP and how insecure it was. Well, there have been numerous updates for Tiger and Leopard that were sent out from Apple HQ. Guess what? There were scores of security vulnerabilities in OS X. What really might shock you is that the vulnerabilities in OS X read like a list of XP security holes (see here and here and here). That’s right, just because Apple tells you OS X is safer doesn’t mean that it’s actually true! Go figure!

Of course, there’s also Linux. In some respects, Linux is safer. In others, it’s no different than XP and OS X. Personally, I prefer Ubuntu and Vista at the moment. But the bottom line is that when it comes to security, it’s up to you to keep your data safe. The first and best way you can do that is to create and use strong passwords!

(more…)