I.T. Security and Linux Administration


January 31, 2014  11:48 PM

Don’t catch a virus…!

Eric Hansen

http://blogs.computerworld.com/cybercrime-and-hacking/23412/insecure-healthcaregov-allowed-hacker-access-70000-records-4-minutes

So, maybe “virus” is a little farfetched, but really this bothers me.  The system itself is nice (I never ran into issues).  The gripes about it crashing are kind of warranted (there are tools out there to benchmark/stress test setups), but ideal data can only go so far.

Even then, while the hacker had 70k records, compared to how many there are on there, it just seems so…insignificant?  Hey, at least it wasn’t a DDoS attack finally.

January 31, 2014  11:44 PM

Still prefer Chrome?

Eric Hansen

http://talater.com/chrome-is-listening/

Fair argument?  Not sure.  But I do feel Chrome has really lost its luster period.  Yeah, it’s “faster” at times, but I seem to have more issues with it than anything else these days.  I mean, I’m restricted to one profile and even in incognito mode if I try to visit GMail in 2+ incognito windows the session persists.  It’s…frustrating.  LuaKit is nice but I don’t always feel like using Vim.


January 31, 2014  11:41 PM

Can’t catch CAPTCHA

Eric Hansen

http://www.techienews.co.uk/975112/snapchat-account-registration-captcha-defeated/

CAPTCHA systems can be either very unique or very easy to break.  Oh, also very hard to use (looking at you Microsoft and those people who make it look like a rainbow threw up on alphabet soup).  Though, I’ve noticed a lot of people these days using ones that are strictly numerical.  It really feels like we’re regressing in terms of CAPTCHA more than anything else these days.


January 31, 2014  11:37 PM

A flaw of open source

Eric Hansen

http://slashdot.org/topic/datacenter/filezilla-evil-twin-steals-ftp-logins/

I’m a super strong supporter of open source and really believe in providing code for free, and if monetization is key then charge for support.  It works for a lot of models (Red Hat is a big one, Snort is another).

I feel this just gives open-source junkies a bad name though for the argument of closed-vs-open source.


January 31, 2014  11:33 PM

The bird was made angry

Eric Hansen

https://medium.com/p/24eb09e026dd

Twitter, such a unique platform when you come to think about it.

Truthfully what there needs to be is a better password reset method.


January 31, 2014  11:30 PM

Don’t make the bird angry

Eric Hansen

http://slashdot.org/topic/bi/rovio-denies-collaborating-with-nsa-gchq/

I really am not a fan of Angry Birds, but at the same time it just feels like everyone is jumping on the bandwagon these days.  If you don’t know who developed an app, don’t trust the source, or don’t understand any of its permission requests, just don’t use it.


January 31, 2014  11:27 PM

GitHub the Bounty Hunter

Eric Hansen

http://thenextweb.com/insider/2014/01/30/github-launches-bug-bounty-program-offers-100-5000-security-vulnerabilities/

I know I don’t post about these much (maybe this is even the first time?), but that’s because bounty programs tend to be hit or miss.  By that I mean most companies will either honor the agreement of the program, or downright say “thanks for doing our work for us!”

I do support GitHub tremendously though, as I feel they have a solid and firm platform.  If you want some extra cash give this a go.


January 31, 2014  11:23 PM

Yahoo accounts hacked…again…

Eric Hansen

http://yahoo.tumblr.com/post/75083532312/important-security-update-for-yahoo-mail-users

The thing that really gets me bothered is that these “smart password policies” that everyone touts mean nothing.  You want people to remember all these crazy characters that they refuse to do, or they use a password keeper of some form.

Just tell people to use phrases.  Sure, throw in random characters instead of spaces, but this still makes it more difficult to brute force than running a password dump against John the Ripper.


January 31, 2014  11:21 PM

Canada Spies Too?!

Eric Hansen

http://www.cbc.ca/news/politics/csec-used-airport-wi-fi-to-track-canadian-travellers-edward-snowden-documents-1.2517881

Truthfully everyone everywhere should suspect their government is doing this.  Though, Canada doing it through airport WiFi could cross the border (see what I did there?) between stealth and cunning.

Just speculation, but what if America did this and caught terrorists before they boarded?  Would we be happy they spied on them, or outraged that they spied?


January 31, 2014  11:18 PM

More powerful smartphone/tablet malware

Eric Hansen

http://www.ibtimes.co.uk/researcher-creates-malware-captures-every-tap-your-smartphone-or-tablet-1434673

Unfortunately we are becoming more and more tied to our phones these days.  This fact just makes the discovery even more troubling, especially when you couple that with the constant movement of those who don’t truly know how to use a smartphone wisely.

