No Anonymity on Internet

If it is not plain to everyone, here is some evidence: Sony Picture’s Scott Rudin exec emails: http://deadline.com/2014/12/scott-rudin-apology-sony-hacking-barack-obama-1201320321/ His racially insensitive emails were posted after the network and all servers were hacked. even after several years go by the emails have surfaced.    SEP = Security Equals Privacy This scenario can be repeated: Google and Twitter … Read more

Test new POODLE vulnerability

There is a new POODLE vulnerability and test at Qualys SSL labs) https://www.ssllabs.com/ssltest/   POODLE (Padding Oracle On Downgraded Legacy) The problem is that your encryption stream may be downgraded to a legacy (i.e. can be cracked) standard.  TLS 1.2 and higher needs to be kept as the known secure standard. Go click on ssllabs.com … Read more

Healthcare data at risk

It is only a matter of time before health data will be plastered all over the Internet. A number of Blogs are discussing this very issue http://www.safelogic.com/exposing-the-risks-of-data-driven-healthcare/ is one.   Penetration testing for New England care solved some problems outside of security issues: http://www.coresecurity.com/content/penetration-testing-key-to-hipaa-compliance-for-care Penetration testing checks the boundaries of your computer systems. By using open source tools … Read more