Same Origin Policy - Protecting Browser State from Web Privacy Attacks Stanford University Computer Science Department Abstract Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users against their wishes. Ipredia OS for anonymous browsing and communications Ipredia OS is a Fedora based Linux operating system for anonymous web browsing, email, chat and file sharing, unlike similar projects like Tails and Liberte Linux based on tor, Ipredia anonymity takes root around the I2P anonymous network, with websites and services only accessible through an i2p proxy tunnel. The distribution can be downloaded with the Gnome or LXDE desktop, I tested the LXDE version because it is best for a live CD since it is lightweight and it should load quicker, there is the option to install Ipredia OS in your hard drive and some people might prefer the Gnome desktop for that. The operating system includes all of the basic applications an average computer user needs.
From Search Engines to Smartphones, Technology Gets a Privacy Overhaul As the reach of the Internet has grown, so has the medium’s favored business model: targeted advertising. Signals recording our activity are harvested as we browse the Web and, increasingly, as we use our smartphones. That information is used to build profiles that help advertisers target ads, and opting out is rarely easy. Some small companies are now redesigning smartphones and Web browsers to give people more control over that kind of data collection.
How to secure your data with Truecrypt in 11 easy steps! Truecrypt, is a free and open-source disk encryption software. In this post we will show you how to encrypt all your data using Truecrypt in 11 easy steps. With Truecrypt it is possible to encrypt a virtual disk (folder), a partition or a whole storage device. The two most beautiful things with Truecrypt are real-time instantaneous encryption and simple and easy setup. Probably you might ask yourself why you need it?! The matter of privacy today is very sensitive and as such sometimes we may need additional measures when our security might be compromised. Most popular VMWare Virtual Appliances for IT Administrators Updated on September 23, 2009: Please review the updated list of virtual appliances. You may also be interested in reviewing virtual appliances for Security. The original post has been retained as a historical reference. The download links for most of the appliances in the following table no longer work since VMware has revamped the Appliance Marketplace. Thanks I have ranked the virtual appliances for IT Administrators available at the VMWare Virtual Appliance Marketplace (VVAM) as described below.
Java Core API - Dropbox The Core API is based on HTTP and OAuth and provides low-level calls to access and manipulate a user's Dropbox account. If you want to follow along, first register a new app on the App Console. You'll need the app key to access the Core API. Then install the Java SDK and you'll be ready to go. Authenticating your app The Core API uses OAuth v2, but the Java SDK will take care of most of it so you don't have to start from scratch.
PRISM revelations result in lost business for US cloud companies. The revelations about the National Security Agency’s (NSA) broad monitoring of traffic and access to the data of cloud providers spurred by the actions of former NSA contractor Edward Snowden may or may not have hurt national security, depending on who you ask. But according to a recent survey by the industry organization Cloud Security Alliance (CSA), the exposure of NSA’s PRISM program is having a very real impact on the bottom line of US cloud service providers in the form of lost overseas customers. Concerns about NSA surveillance are hardly new. The PATRIOT Act’s “Enhanced Surveillance” provisions have raised privacy concerns about using US service providers since it was passed. Two years ago, I was interviewing the CIO of a major Canadian healthcare organization for a story on cloud computing, and asked if he had considered using US cloud providers or software-as-a-service. At the time, the concern might have sounded a bit paranoid.
Fragmenting the Internet Is Not a Security Solution In light of the recent spate of high-profile hacking campaigns, and the overall poor state of security on the internet, NextGov.com reports that parts of the US government are advocating for a separate, “secure” internet. The idea calls for segmenting “critical” networks (not yet fully defined, but presumably including infrastructure and financial systems) and applying two security mechanisms to these networks: (1) increased deep packet inspection (DPI) to detect and prevent intrusions and malicious data; and (2) strong authentication, at least for clients. The trouble is that this “.secure” internet doesn’t make much technical or economic sense: the security mechanisms are simply not powerful or cost-effective enough to warrant re-engineering an internet. Whether the idea is to apply different security policies to sites using a special domain name like “.secure” (and possibly the existing .edu and .gov domains), or to create a parallel internet infrastructure, is not yet clear.
IT Career Paths - A Guide to Credentials and Certifications If you love technology, then the IT field can offer a number of opportunities and areas to specialize in. As you hone in on your skills, you can validate your knowledge by advancing up the certification ladder to achieve new career heights. Whatever path you choose, we'll help you figure out the right steps to take. Sniffer hijacks secure traffic from unpatched iPhones Almost anyone can snoop the secure data traffic of unpatched iPhones and iPads using a recently-revised tool, a researcher said today as he urged owners to apply Apple's latest iOS fix. The nine-year-old bug was quashed Monday when Apple issued a patch for the iPhone 4, iPhone 3GS and third- and fourth-generation iPod Touch. If those devices aren't patched, attackers can easily intercept and decrypt secure traffic -- the kind guarded by SSL, which is used by banks, e-tailers and other sites -- at a public Wi-Fi hotspot, said Chet Wisniewski, a security researcher with U.K.