Dragan on Security
WPA Crack?
Academic researchers have found an exploitable hole in a popular form of wireless networking encryption. The hole is in a part of 802.11i that forms the basis of WiFi Protected Access (WPA), so it could affect routers worldwide.

Latest posts in the blog "Dragan on Security"

Security Quiz: Test Your Security IQ
Michael Howard and Bryan Sullivan wrote a couple of articles for this month's MSDN Magazine. One of them is Test Your Security IQ. It’s chance for you to take the challenge.

Will machine intelligence be used for at...
I have worked for some time on using of artificial intelligence (AI) for protecting computer / information systems and networks. My work is primarily in area of intrusion prevention and detection systems (IDS and IPS). There is approach which considers machine intelligence usage for attack on systems' security.

Edgios or will new Google come from Serb...
Edgios is a large-scale distributed search 'cloud' that offers higher-quality search results. Users participate in the cloud by downloading the Edgios personal search software, and connecting that software to the net.

Will crisis in financial sector affect t...
Financial crisis is going to overflow from financial sector to real sector. It can result in slowdown and less spending for technology, higher unemployment rate etc....

How many security incidents you have exp...
New poll is active on this blog now. Question is: “How many security incidents you have experienced in last 12 months?”. Available answers are: 0, 1 - 5, 6 - 10, more than 10. Thank you for voting.

Ratproxy
Google released Ratproxy - passive web application security assessment tool. It is released under terms and conditions of the Apache License, version 2.0. Here is Google’s description of tool: Ratproxy is a semi-automated, largely passive web application security audit tool....

MD5 Collisions
It seems that bad days came for MD5 and those who based hashes on it. It is possible to create two executable programs with different functionalities with identical MD5 hash. Therefore, it is possible to create malicious executable which has same MD5 hash as regular program. This can be done just by using public Internet [...

NIST - A New Hash Competition Update
I had already written the post about NIST Competition for New Cryptographic Hash Function on my blog. Here are updates based on article by William E. Burr, “A New Hash Competition”, IEEE Security and Privacy, vol. 6, no. 3, pp. 60-62, May/Jun, 2008. Author says in abstract: ...

We Are Sorry to Inform You
We Are Sorry to Inform You - about rejected papers of famous researchers. Also interesting: “Once upon a time there was a little-known patent clerk in Bern who received a disappointing annual performance review in ‘05 - Annual Performance Review: Albert Einstein“. You’ll probably be surprised when you see this. ...

Automatic Upgrade of WordPress by Mobile...
I was on holidays when new release of WordPress 2.5.1 came out. And I wanted to upgrade immediately from 2.5.0. to new version. But I haven’t got computer with me and had just mobile phone (Nokia N95) with its browser. Anyhow, I decided to try automatic upgrade from mobile. I took the huge risk (I thought). And… it [...

Cell Phone Spying and How to Protect You...
Do you own cell phone? Yes, of course. Then read this: Cell Phone Spying: Is Your Life Being Monitored? It says: It connects you to the world, but your cell phone could also be giving anyone from your boss to your wife a window into your every move. The same technology that lets you stay in touch [...

Poll Results: Hacking Motives
Poll “Primary motives for hacking are” which was open on this blog since December 21, 2007 to March 31, 2008 is closed now. Based on answers of visitors, who took opportunity to vote in the poll, main reason why hackers (malicious ones) are attacking is because they take it as intellectual challenge. Next reason is [...

Cold Boot Attacks on Encryption Keys
If you’ve thought your data are secure on encrypted hard disk, read: Lest We Remember: Cold Boot Attacks on Encryption Keys....

Poll: Rate Your Computer Security Knowle...
I’ve added a new poll to this blog. The aim of the poll is to see what is the structure of the blog visitors according their (your) individual opinion and experience in the field of security knowledge. There is no guidance and explanation of the given choices. You are the one who sets measurement units, [...

“How Do I?” Videos for Security
“How Do I?” Videos for Security - Here you’ll find Microsoft educational videos from series “How Do I”, that explore a variety of security questions for developers, including encryption, handling attacks, security best practices, and a lot more. New videos are added regularly, so check back often. Last week featured videos are: ...

WordPress 2.5
WordPress 2.5 has been released. From a security perspective, the new WordPress release 2.5 promises many improvements: secure cookie management, salted passwords, password strength meter and prepared SQL querying functions etc. ...

Save the World, and Maybe a Whole Lot Mo...
This article is… a funny: Asking a Judge to Save the World, and Maybe a Whole Lot More - New York Times. It says: The world’s physicists have spent 14 years and $8 billion building the Large Hadron Collider, in which the colliding protons will recreate energies and conditions last seen a trillionth of a second after [...

Paper Enigma Machine
Go to Paper Enigma Machine, download this one-page PDF file; print it using heavy card stock (recommended). You can then cut out the strips, and follow the directions on the page to build your own fully functional Enigma machine. Author says: This machine is compatible with the original 3-rotor German Enigma used during World War II. [...

ASUS Eee PC - New Toy
This is non security post on my security blog. :) I have bought an ASUS Eee PC recently. When I saw that subnotebook for the first time, I simply thought it was one of those stupid toys. But after I had talked to Maksa and David, I decided to buy “the toy” and started playing. The ASUS Eee [...

The Privacy Toolbox
Interesting list on Virtual Hosting Blog » The Privacy Toolbox: 100 Guides and Resources for Keeping Your Personal Information Safe, categorized into: Articles, Blogs, Resources, Applications, Organizations, Tips, Guides, Books. This list might be of great help.

London Tube Free
The secret cipher that secures Mifare Classic RFID tags used in access control systems, subway tickets, and various other security-related applications has recently been disclosed. The attack works against the Mifare Classic, a wireless card made by Netherlands-based NXP Semiconductors....

Windows Server 2008 Security Guide
Windows Server 2008 has been shipped and Security Guide for this server is here. In guide, Microsoft stated: Microsoft engineering teams, consultants, support engineers, partners, and customers have reviewed and approved this prescriptive guidance to make it: Proven. Based on field experience. Authoritative. Offers the best advice available. ...

Wireless Flu
The outbreak of a wireless computer worm that spreads among portable devices like a flu epidemic is a possibility, according to a new mathematical model developed by Imperial College London researcher Christopher Rhodes and BT researcher Maziar Nekovee....

123 CCTV Security Cameras
If you want to monitor some area, office, room, you should visit this web site. Company 123 CCTV offers security camera surveillance equipment and various accessories (switchers & multiplexers, CCTV monitors, pan, tilt & zoom equipment, wireless trans. & receivers, camera cabling & wire, power supplies, and converters etc). ...

WordPress - Urgent Security Release
New release of WordPress 2.3.3 is one more urgent security release. This release followed release 2.3.2 which was also an urgent security release that fixes a bug that can be used to expose your draft posts. New release 2.3.3 fixes vulnerability which appears if you have registration enabled....

Microsoft IPsec Diagnostic Tool
Microsoft IPsec Diagnostic Tool assists Network administrators with troubleshooting network related failures, focusing primarily on IPsec. It is applicable on Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008. This tool download is available to customers running genuine Microsoft Windows....

Poll Results - The Most Secure Operating...
Poll “The Most Secure Operating Systems Family is?” has been closed on January 31st, 2008, after it was opened for voting more than 3 months, as planned. You had chance to vote for one of today’s popular (or less popular) operating systems. Results of poll are here: Linux (24.44%, 110 Votes) BSD UNIX (23.11%, 104 Votes) Solaris (19....

2008 Norbert Wiener Award Given to Bruce...
In 1987, Computer Professionals For Social Responsibility (CPSR) began a tradition to recognize outstanding contributions for social responsibility in computing technology. The organization wanted to cite people who recognize the importance of a science-educated public, who take a broader view of the social issues of computing....

CfP ECRA Social Networks and Web 2.0
There is interesting call for papers for an Elsevier’s special issue of Electronic Commerce Research and Applications on Social Networks and Web 2.0. You can submit your manuscripts online. Papers will be reviewed and published depending of reviewers’ decisions. It will cover many of relevant topics related to this hot and fast evolving area....

Facebook Privacy Problems
In recent post on this blog, I described some of StumbleUpon privacy risks. BBC Technology News now have article about privacy problem related to Facebook, another social networking tool....

Validated FIPS 140-1 and FIPS 140-2 Cryp...
See list of Validated 140-1 and 140-2 Cryptographic Modules. You’ll find there that the standard crypto providers such as DSSENH and RSAENH are now certified FIPS 140-2 on Windows Vista.

Linux Security Expert Joins Core Windows...
It seems that Microsoft is going to attract Linux Security experts to join and to bring different perspective to Windows security....

StumbleUpon Privacy Risks
Be careful, be very careful when use social networking sites! Some social networking sites and some sites that pretend to be social networking, but are marketing profiling sites, may pose huge privacy risk. I will talk here about very popular StumbleUpon which shouldn’t but actually yes. ...

Michael Howard from Microsoft Analyzes R...
One of main persons behind Microsoft SDL, Michael Howard analyzes recent Symantec and IBM Vulnerabilities in his post on MSDN SDL blog. Michael says: The vulnerabilities are not in Symantec code, yet Symantec customers are still open to attack. The issues lie in a small number of file parsers used in many applications created by a third [...

Enigma Simulation in Flash
The Enigma was an electro-mechanical cipher machine used by the German Military during WW II. The following link shows Enigma Simulation done in Adobe Flash 8 by Dr. Frank Spiess. You will have chance to see how it worked. Highlighted wires show steps of encryption. This Enigma simulation is part of Cryptool.com, a great collection of [...

Santa Checked at Security Gate
Merry Christmas to all. Santa and the TSA: See more comics here.

Poll - Hacking Motives
I’ve put poll on this blog to find out what is public opinion on primary motives for hacking. There are six possible choices and you can choose one according your opinion. Answers are based on Australian government Institute of Criminology i.e. its High tech crime centre classification. You can see paper here and vote in box [...

Is It Safe?
Eric Bidstrup has posted interesting and a thought provoking commentary about the Common Criteria on MSDN blog. He concludes: If customers expect a real-world answer to the question “Is it Safe?” to be answered by Common Criteria, then Common Criteria must change. ...

Theory and Practice of Cryptography Vide...
If you are interested in cryptography, there is very good YouTube video: Theory and Practice of Cryptography. You’ll need one hour of time to watch it. Topics include: Introduction to Modern Cryptography, Using Cryptography in Practice and at Google, Proofs of Security and Security Definitions and A Special Topic in Cryptography. ...

Top 100 Network Security Tools
Insecure.org has Top 100 Network Security Tools list. Author says: Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don’t know where to start”. [...

Handbook of Applied Cryptography Online ...
The Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone is available online - legitimately. This is a good book, and well worth downloading. I also would recommend Applied Cryptography by Bruce Schneier which is not free yet, but is very good and considered as bible of cryptography. [...

Book: GNU/Linux System Programming
Coming soon. This is a new Operating systems I course textbook with lab exercises for GNU/Linux System Programming. More details here. I contributed a little bit. Note: Book is in Serbian language. Original title is GNU/Linux sistemsko programiranje.

Is Windows Live Messenger Trojan
ZoneAlarm by Check Point, firewall, antivirus and antispyware is tool that I use for quite some time on one of my computers. It offered update to new version 7.0.462.000 today. After installation and starting antispyware scan it detected and considered Windows Live Messenger as Trojan with medium risk....

Bad Design or Backdoor for NSA
A recent paper found a flaw in the Windows 2000 random-number generator. Another paper found flaws in the Linux random-number generator. Back in 1996, an early version of SSL was broken because of flaws in its random-number generator. Bruce Schneier discussed this problem on his blog and said: Which is why you should worry about a new [...

Should We Believe Internet Polls?
I think we should not. It is easy to cheat. If you want to know how, read below. You are aware of many Internet polls on various Web sites. I can remember days when having poll on your web was one of pillars to increase numbers of visitors. Other pillars were: often update or content change, [...

15th Telecommunications Forum TELFOR 200...
Belgrade, Serbia - In Sava Center 15th TELFOR (Telecommunication Forum) has been opened today. Organizers are Telecommunications Society - Belgrade, ”Telekom Srbija” A.D., Public PTT Enterprise “Srbija”, ETF - School of EE, University in Belgrade, IEEE Serbia & Montenegro Section and ComSoc Chapter....