And there you have it. Encryption is not necessarily going to protect you or your company.
http://www.wired.com/threatlevel/2012/01/judge-orders-laptop-decryption/
Tuesday 24 January 2012
Monday 23 January 2012
Data Privacy Day 2012
It's here again. It's not guaranteed to be more fun than Ground Hog Day, but it is important none the less.
Data Privacy Day 2012 is on January 28th.
There are numerous events being hosted across Canada and the US to make people more aware of data privacy issues. You can find a list of events here, or if you are in Halifax, attend this one.
The Privacy Commissioner of Canada has also released a calendar that you can share with your teams.
Data Privacy Day 2012 is on January 28th.
There are numerous events being hosted across Canada and the US to make people more aware of data privacy issues. You can find a list of events here, or if you are in Halifax, attend this one.
The Privacy Commissioner of Canada has also released a calendar that you can share with your teams.
Wednesday 18 January 2012
Fixing CVE-2009-3555 in Lotus Domino
A vulnerability assessment turned up a potential issue with my Domino servers. CVE-2009-3555, or a security concern with SSL renegotiation.
There is an easy work around for Domino, add the following parameter in your notes.ini file.
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://www-01.ibm.com/support/docview.wss?uid=swg21430331
There is an easy work around for Domino, add the following parameter in your notes.ini file.
SSL_DISABLE_RENEGOTIATE=1
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://www-01.ibm.com/support/docview.wss?uid=swg21430331
Monday 16 January 2012
SANS Ouch! - January 2012
The latest edition of SANS Ouch! is out.
Every month they publish a newsletter directed at the typical web user. Not those of us with a heightened awareness of security, but people like your office manger, mail room clerk or your parents.
This month's newletter deals with how to securely set up a wireless network.
I encourage you to take a look, and disseminate it to your staff. In fact, they even encourage you to do that.
http://www.securingthehuman.org/resources/newsletters/ouch
It is available in English, French, Arabic, Italian, Korean, Malaysian, Polish, Portuguese, Spanish, and both Simple and Traditional Chinese.
You can now follow Securing the Human on Facebook and Twitter too.
http://www.facebook.com/securethehuman
http://www.twitter.com/securethehuman
Every month they publish a newsletter directed at the typical web user. Not those of us with a heightened awareness of security, but people like your office manger, mail room clerk or your parents.
This month's newletter deals with how to securely set up a wireless network.
I encourage you to take a look, and disseminate it to your staff. In fact, they even encourage you to do that.
http://www.securingthehuman.org/resources/newsletters/ouch
It is available in English, French, Arabic, Italian, Korean, Malaysian, Polish, Portuguese, Spanish, and both Simple and Traditional Chinese.
You can now follow Securing the Human on Facebook and Twitter too.
http://www.facebook.com/securethehuman
http://www.twitter.com/securethehuman
Wednesday 11 January 2012
Canadian House of Commons Employees Downloading Illegal Content
According to the activist group, The Pirate Party of Canada, House of Commons employees are downloading illegal content before Canada's bill C-11, the strict copyright protection legislation comes into effect.
The party used youhavedownloaded.com a site that scrapes torrent sites for IP addresses to find addresses owned by the House of Commons.
When you work in such a high profile, public place, even if your network administrators turn a blind eye to what you do, chances are that someone out there won't. Smarten up people.
Further reading can be found here:
Canadian Officials Downloading Illegal Content - SC Magazine
Copyright Infringement in Canadian Parliament - Pirate Party of Canada
Piracy in the House of Commons - Pirate Party of Canada
The party used youhavedownloaded.com a site that scrapes torrent sites for IP addresses to find addresses owned by the House of Commons.
When you work in such a high profile, public place, even if your network administrators turn a blind eye to what you do, chances are that someone out there won't. Smarten up people.
Further reading can be found here:
Canadian Officials Downloading Illegal Content - SC Magazine
Copyright Infringement in Canadian Parliament - Pirate Party of Canada
Piracy in the House of Commons - Pirate Party of Canada
Tuesday 3 January 2012
Starting the New Year
I'm starting 2012 optimistically. I have a few goals for the year:
As a ways to an end, I have joined a CISSP study group, loaded some study resources on my iPod and ebook reader, and will take the bus one day a week in order to allow myself the time during the 2 hour commute to study.
Renovations are under way in the basement. I have the drywall up, and have started with the mud process.
Running will involve the completion of one of the other two goals I'm afraid.
- Achieve my CISSP certification.
- Finish the renovations to the basement.
- Find time to start running again.
As a ways to an end, I have joined a CISSP study group, loaded some study resources on my iPod and ebook reader, and will take the bus one day a week in order to allow myself the time during the 2 hour commute to study.
Renovations are under way in the basement. I have the drywall up, and have started with the mud process.
Running will involve the completion of one of the other two goals I'm afraid.
Subscribe to:
Posts (Atom)