Backups
Security
Posted by Krux on Thursday August 30, 2012 @ 07:38pm
25 replies

So this is more for Stealth, since he has like all of the TBs at home. But I was looking for a decent backup solution that offered unlimited storage and handled Linux without having to mount a samba share or some shit. So my co-worker suggested CrashPlan, as that's what he was using. Seems they have a family unlimited plan which lets you do up to 10 computers. And most important for those paranoid security types, you have the option to encrypt your data using a 448-bit encryption key that they don't have. It's also pretty inexpensive considering what you get. And with about 4TB of data I need to back up, I figured it's worth at least trying out for a year to see how I like it.

Here's the bitch of course, 4TB of data is going to take a VERY long time to upload. Backed up the servers quickly enough since they have bandwidth, and considerably less data. But the bulk of it is on the machines at home, so that means being bottlenecked by the cable modem upload speed. Looks like it'll take about 6 months to upload the data at the current rate. I could upgrade my cable modem speed, but to get at the level where the upload speed changes from what I have now it's an additional $70 a month. That's out of my price range at the moment.

How not to deal with a vulnerability in your code
Security
Posted by Krux on Friday November 11, 2011 @ 09:47am

Speaking of computer security, this is such a bad response it's almost funny:

How not to deal with a vulnerability in your code

https://bugs.launchpad.net/calibre/+bug/885027

Cert Question
Security
Posted by unicron on Thursday November 3, 2011 @ 06:41pm
6 replies

What do you guys think of the Certified Ethical Hacker cert? Trendy BS or something worth having? Has anyone here ever seen it give someone the leg up in a job search? Just seems like a cool cert to have, something different.

Rub breaks XML encryption
Security
Posted by Krux on Saturday October 22, 2011 @ 01:25pm
5 replies

I had no idea Rub was also doing computer security research.

http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.en

RUB researchers break W3C standard
XML encryption is insecure: Large companies affected

On the topic of CA's and SSL traffic
Security
Posted by Stealth on Wednesday August 31, 2011 @ 10:52pm
3 replies

Check out this plugin for Firefox - http://convergence.io/ There's an article about it here - http://www.esecurityplanet.com/news/article.php/3938211/Who-Do-You-Trust-with-SSL.htm and it was mentioned at BlackHat '11 and in the back 10 minutes of this video - http://www.youtube.com/watch?v=Z7Wl2FW2TcA

It's a very cool concept and idea and seems to be well thought out. I think we should start playing with this and seeing what it takes to run a Notary so we can 'trust' what THC sees. It's pretty dope.

Chinese government hacking tool shown on TV
Security
Posted by rub on Wednesday August 24, 2011 @ 02:11am
3 replies

Krux and I were just talking about this last night at Crown & Anchor...

http://shanghaiist.com/2011/08/24/new_evidence_links_chinese_governme.php

And for some good news with our Info Sec community
Security
Posted by Stealth on Monday July 19, 2010 @ 04:25am
7 replies

http://www.washingtontimes.com/news/2010/jul/18/fictitious-femme-fatale-fooled-cybersecurity/
From the article:
Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a "cyber threat analyst" at the U.S. Navy's Network Warfare Command. Within less than a month, she amassed nearly 300 social-network connections among security specialists, military personnel and staff at intelligence agencies and defense contractors....

But Robin Sage did not exist.

Her profile was a ruse set up by security consultant Thomas Ryan as part of an effort to expose weaknesses in the nation's defense and intelligence communities - what Mr. Ryan calls "an independent 'red team' exercise."


FBI probes hackers' AT&T iPad breach
Security
Posted by rub on Thursday June 10, 2010 @ 06:03pm
14 replies

Key in this is the third paragraph, sentence 1

http://money.cnn.com/2010/06/10/technology/att_ipad_fbi/index.htm

On the topic of ACLs, firewalls and routers..
Security
Posted by Stealth on Friday January 15, 2010 @ 03:03am
68 replies

I'm going through my 'list' mailbox and noticed a good-sized thread on firewalls vs. ACLs in routers, etc. There are basically two camps: one saying that with ACLs in routers and switches, why waste time with another device and something else that could slow down the service; the other believes firewalls are good. I suppose it's going to depend on what's behind the device and what you are protecting, but I would tend to think that hardware-based firewalls are going to be better at protecting machines than routers with ACLs, but then again, I don't run big data centers or even hard-hit outside-facing servers.

It's easy to screw up a router and knock yourself out with the wrong ACL. It's a bit harder to do with a firewall.

Any comments for those network/communication/logical type people?

Backtrack 4 is out!
Security
Posted by Stealth on Tuesday January 12, 2010 @ 05:23am
2 replies

For all you security-minded people and people that like LiveCDs with good tools:

"BackTrack 4 final is out and along with this release come some exciting news, updates, and developments. BackTrack 4 has been a long and steady road, with the release of a beta last year, we decided to hold off on releasing BackTrack 4 final until it was perfected in every way, shape and form. This release includes a new kernel, a larger and expanded toolset repository, custom tools that you can only find on BackTrack, and more importantly, fixes to all major bugs that we knew of. This release has received an overwhelming support from the community and we are grateful to everyone who has contributed to the success of this release."

Sweet - http://distrowatch.com/?newsid=05864

Well you should have seen that one coming
Security
Posted by Krux on Wednesday October 21, 2009 @ 02:59am
2 replies

Convicted computer hacker is given unsupervised access to a prison's computer system and ... get ready for the surprise here folks ... hacks said computer system, locking everyone else out.

http://www.switched.com/2009/09/29/convicted-hacker-left-in-charge-of-prison-computer-system/

Here's the username and password, but read the fine print.
Security
Posted by Stealth on Tuesday September 15, 2009 @ 01:46pm
10 replies

Oh yeah, don't use them. http://www.wired.com/threatlevel/2009/09/montgomery/ Interesting.. People always trying to point fingers at someone else.