Stoppt die Vorratsdatenspeicherung! Jetzt klicken &handeln! Willst du auch an der Aktion teilnehmen? Hier findest du alle relevanten Infos und Materialien:

Archived entries for Security

NSA: Security Configuration Guides

Ich hatte mir vor einigen Jahren schon mal die NSA Vorschläge für sichere Computer Konfiguration angesehen und gerade entdeckt, dass die Vorschläge weiterhin aktualisiert werden.

Es gibt unter anderem: Hardening Tips for MAC OS X 10.6 Snow Leopard und Security Highlights of Windows 7

Basic Internet Security

Basic Internet Security via Floss Manuals:

When verbally passing a message you usually need to know your contact persons to know if you can trust them, but you also have to know your technology a little to know if you can trust it. Technologies can leak or distort your message just as humans can. Technologies are invested in types of trust relations: some devices are safer than others, some can be modified, and some are better avoided.

This book tries to address these different layers by giving hands-on explanations on how to make your digital communication and data more secure and by providing the reader with a basic understanding of the concepts of digital communication and data security. It derives from the following principles:

  1. No method is entirely secure;
  2. You need to have a basic understanding on how and why technology works to make it work for you;
  3. You need technology for safer communication: either some basic tools, or more sophisticated equipment, depending on where you’re at and where you go.

Einbruch bei LastPass?

Ups

“Anomalien im Netzwerkverkehr” der Datenbanken des Passwortspeicherdienstes LastPass lassen den Dienstleister vermuten, dass unter Umständen Einbrecher an vertrauliche Informationen gelangt sind – darunter möglicherweise einige Masterpasswörter von Kunden.

Desktop Lösungen wie KeePass oder 1Password sind eventuell doch sinnvoller, und man braucht weniger Vertrauen den den Online Dienstleiter.

Website Security

Ein “Schnupperkurs” in Sachen Website Security gibt es im Webmaster Central Blog:

Today we’ll show you some examples of how a web application can be exploited so you can learn from them; for this we’ll use Gruyere, an intentionally vulnerable application we use for security training internally, too. Do not probe others’ websites for vulnerabilities without permission as it may be perceived as hacking; but you’re welcome—nay, encouraged—to run tests on Gruyere.

OpenPGP Encryption in JavaScript

OpenPGP Encryption in JavaScript

Public key encryption in Javascript encrypts form data at the client side for the whole transfer from sender to the final receiver. Form data can be transferred without using an SSL connection and is stored encrypted on the server. Only the final receiver can decrypt it.

Sicherlich nicht für jeden Einsatz sinnvoll, aber trotzdem sehr spannend!

Copyright © 2004–2009. All rights reserved. – Impressum

RSS Feed. This blog is proudly powered by Wordpress and uses Modern Clix, a theme by Rodrigo Galindez.