Password Masking
I’m going to have to disagree with Bruce Schneier and Jakob Nielson on this one:
http://www.schneier.com/blog/archives/2009/06/the_problem_wit_2.html
I, and many other users, are often in situations where we are in the position of logging into systems in the vicinity of people with which we wouldn’t want to share the password.
Let’s look at the arguments against masking from the [...]
“I’m sorry Wesley, I can’t let you do that…”
These are not words that I often let my own computers tell me (for long).
When it comes to controlling resources, it’s relatively easy to keep people from reading things (access controls, authentication, cryptography, etc). We’re pretty good at that. If we own the medium, it’s even fairly easy to keep people from writing things to [...]
Thoughts on signed malware
I like SunbeltBLOG a lot (and I recommend that you add them to your reader), however, like most of the content in my RSS reader that I really like, I occasionally find myself disagreeing with them. Today’s post, For shame: Thawte trusts Gromozon is one of those times. While I can certainly understand [...]
Little Things: Last Checks Before Locking Your Screen
(I haven’t posted in a while, since I meant to do a post about various apps a security professional might want on their Windows Mobile/Pocket PC phone. Aside from other engagements, I’ve just been having too much fun playing with the different programs available for my phone to actually write anything down. It’s [...]
Writeup on IRC Anonymity at terminal23
LonerVamp of terminal23 has written a nice blog post about anonymity on Internet Relay Chat (IRC):
staying anonymous – part 4 irc
I left some additional comments to it that should be approved any moment now ;) . Anonymity is harder than configuring your client to use a proxy, and LonerVamp does a good job of [...]
Personal Password Management with Pwman3 (with a bit of hacking)
Introduction
How many passwords do you need to keep up with? Even if you’re not working in IT, with accounts on many systems, you might be surprised if you count them all up. You probably (at least) have passwords for your home, laptop, and work computers, email, banking, another one each for the bills [...]
SECCDC Final Standing and official NBNSpoof Release
So the smoke has cleared and the dust has settled on the judging, discussions, and drama surrounding the Southeastern Collegiate Cyber Defense Competition, and the final rankings have been released. We did better than we had been previously led to believe! The top three teams (out of 9 teams) are:
Louisville
UNC Charlotte
Mississippi State
We wound up [...]
SECCDC `07
The Southeast Collegiate Cyber Defense Competition was a lot of fun! I had a great team on my hands that not only made the 16 hours of competition time manageable, but also made the trip, mornings, and nights a blast as well. We did not place, although I felt that we did an [...]