Category Archives: Security

#CrowdSourcing and #DataMining the new resource mining, or how big corporations are robbing you blind.

By | September 30, 2017

The newest commodity these days is crowd-sourced data. All the digital corporations push this envelope harder and harder. Google wants to make me a “local guide”: post images of places on Google Maps and review businesses, for free of course (they give you a badge, you know, like Boy Scout badges). This is lately…

#Biometric #authentication is useless and dangerous alone

By | October 14, 2017

Again and again, the same myths and misunderstandings resurface. I again noticed misplaced hype in an article shared on Twitter about how biometric authentication will simplify banking. I have to share again something I learned many years ago when I was a junior research student in a computer security group and…

Blog Links: SHA-1 cryptographic hash collision detection by Google

By | March 19, 2022

Google puts another nail in the coffin for SHA-1. They already moved away from using SHA-1 in their products, but there are still a lot of places where it is used by default. In a post on the Google Online Security Blog, “Announcing the first SHA1 collision”, Google researchers claim that they have a good way of…

Security: Generate certificates with keytool

By | November 23, 2016

The following is an example of how to generate a certificate directly on a Linux server using keytool, then sign it with a Windows CA. The example assumes we are regenerating a certificate for a GlassFish domain. STEP 1: Delete the old certificate. In GlassFish, in each domain where security is activated we have a…

Security: Maintaining a secure WordPress blog

By | November 11, 2016

I already have several posts related to the security of an exposed Internet site. They were all summarized in the post “Blog Links: Web site security”. As we know, Internet threats are constant and evolving, so to maintain the same level of security we constantly have to update the configurations of a secure installation. In…

Blog Links: Web site security

By | November 11, 2016

I already had several posts related to constructing a secure website that can be released onto the wild world-wide web. The following are several resources and links that will give a good idea of what one can do in order to secure a web site. First we need a way to analyse how secure our…

Data Center: IDS solution using Security Onion

By | March 1, 2017

An enterprise environment has to be monitored for external threats. There are a lot of very expensive IDSs (Intrusion Detection Systems) that do this for you, but you can set up a very good solution in a production environment for zero cost. The strength of an IDS is given by the IDS threats database, a…

SafeNet(Gemalto) Licence and software client

By | May 4, 2016

Very important information about the SafeNet software and licences. I get very puzzled clients all the time who find it difficult to understand how to see the licence validity and how to install the e-token support. In order to obtain the software and to be able to monitor your licences you need an account with…

Secure authentication using SafeNet(Gemalto) security tokens and Windows CA

By | May 4, 2016

In the following I will try to show how to generate user certificates on e-tokens by using the Windows CA. These tokens can then be used for secure user authentication or signing. Prerequisites: – Install the Windows CA service. This comes as a standard feature in Windows Server 2012. – Internet Explorer 9 and up…

Internet: Subresource Integrity (SRI)

By | February 9, 2017

Yes, our friends from China invented a new type of DDoS attack. The Great Firewall changed unencrypted traffic that contained third-party JavaScript libraries to DDoS GitHub. There is already a testing tool, SRI Test, developed and deployed by Gabor Szathmari; see his blog for more details. To protect my blog I found out that…