StartSSL™ Certificates & Public Key Infrastructure
Why biometrics don't work
(Editor's note: In this guest essay, Dave Aitel, CEO of penetration testing firm Immunity Inc., points out two shortcomings with using biometric sensors as a replacement for old-fashioned passwords.) Weak passwords are often blamed for many security breaches - but one of the biggest mistakes we can make is to replace them with biometrics. Over the past few years, there's been a lot of discussion from security firms, startups, big technology companies and privacy advocates about the need for technology to move beyond the password. The most widely suggested replacement for passwords has been biometrics (fingerprints, heartbeats, voice and facial recognition, iris/retinas) - and now that Apple has just introduced a fingerprint scanner on the new iPhone 5S, it's going to add tremendous momentum to this already burgeoning industry.
Frog Makes Star Trek's Voice-Controlled Computers A Reality
Tea. Earl Grey. Hot. Those are iconic words to any Star Trek fan--it’s the preferred drink of Captain Picard, as ordered from the Enterprise’s always-listening computer system. They also represent a vision of voice-activated, ubiquitous computing interfaces that took hold in sci-fi books and film nearly 70 years ago. It’s taken a long time for our world to sync up to Picard’s, but with the advent of Kinect and voice recognition systems, it’s finally happening. Installed at Frog’s Austin offices, RoomE’s hardware is all off-the-shelf: two Kinects provide an array of voice and motion sensors, while a series of projectors are positioned to turn any surface into a screen.
The Emotional Cost Of Personal Computing
Star Trek and Doctorow aren’t the sole basis for RoomE--contemporaneously speaking, the social cost of head-down computing was also an important jumping-off point for developing a radically new interaction model. In truth, ubiquitous computing isn’t all that intuitive to humans.
CYBERCIEGE
What Is HTTPS & How To Enable Secure Connections Per Default
Security concerns are spreading far and wide and have reached the forefront of most everybody’s mind. Terms like antivirus or firewall are no longer strange vocabulary and are not only understood, but also used by the masses. Most people also understand that sensitive information, such as credit card numbers or address data, should be transmitted using a secure connection. With the rise of social networks, however, more and more private information is transmitted via websites without any security layer.
What Does HTTPS Mean?
HTTPS stands for HyperText Transfer Protocol Secure. HyperText describes the content of a website that does not require scripts or plugins, i.e. text, tables, or images. HTTP is a networking protocol that guides the transfer of data between a client, for example a browser, and a server, which typically is a computer hosting a website. Secure connections are a combination of two protocols: HTTP and SSL/TLS.
How Can I Always Turn On HTTPS?
6 free network vulnerability scanners
Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself. Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, produce a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process. Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well.
1. The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License (GNU GPL). The OpenVAS Manager controls the scanner and provides the intelligence.
How Facebook Measured Gay Marriage Support With An Equals Sign
This week, as the Supreme Court heard testimony regarding same-sex marriage, my Facebook profile was flooded with a single avatar--a pink-on-red equals sign promoted by the Human Rights Campaign (HRC). Generally a curmudgeon about armchair activism, I was drawn to the strong visual (literally, as the eye is naturally drawn to red). I swapped mine out, too. But did it make a difference?
Facebook’s avatar swaps by region.
By comparing week-to-week trends, they saw that 120% more (or about 2.7 million) people changed their avatars than the week before. Those closest to 30 years old showed the greatest increase in updating. In other words, as a 30-year-old male, my stance was relatively predictable. Interestingly enough, Facebook figured this out without even looking at our individual avatars with some sort of picture-deducing algorithm. By pulling random HRC avatars from various profiles, Kenton Ngo was able to measure the JPEG compression of this very simple geometric image.
BCP vs DRP — Business Continuity & Disaster Recovery Specialists - Standby Consulting Ltd
When people start on the journey to develop plans to deal with a major event, they are confronted by two different terms: Business Continuity Plan and Disaster Recovery Plan. There is quite a difference between these two plans, and it is important that an organisation clearly understands what sort of planning it requires.
Business Continuity Plan (BCP)
Business Continuity Planning is best described as the processes and procedures that are carried out by an organisation to ensure that essential business functions continue to operate during and after a disaster. Conceptually, the test of whether something is a Business Continuity Plan is: "if we lost this building how would we recommence our business?"
Disaster Recovery Plan (DRP)
As part of the business continuity process an organisation will normally develop a series of DRPs. The typical test for a DR Plan for IT would be: "if we lost our IT services how would we recover them?"
How to Set Up SSL on IIS 7
Introduction
The steps for configuring Secure Sockets Layer (SSL) for a site are the same in IIS 7 and above and IIS 6.0, and include the following: Get an appropriate certificate. Create an HTTPS binding on a site. Test by making a request to the site. This document provides some basic information on SSL, then shows how to enable SSL in several different ways: Using IIS Manager. This article contains the following sections:
SSL Configuration
Whether you are running your web site on your own server, or in the cloud, using SSL to secure your site is probably extremely important to you, as many websites are turning to it to protect users' privacy. Using SSL in kernel mode requires storing SSL binding information in two places. netsh http show sslcert When a client connects and initiates an SSL negotiation, HTTP.sys looks in its SSL configuration for the IP:Port pair to which the client connected.
Choosing a Certificate
Self-signed certificates are certificates created on your computer.
Top 10 Password Crackers
SecTools.Org: Top 125 Network Security Tools
For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator). We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with.
12 tools
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. version 1.1 on April 24, 2010 (2 years, 5 months ago).
crackers wireless
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. version 4.9.43 on Dec. 3, 2011 (10 months ago).
sniffers fuzzers
The 7 most interesting social media stats and what to learn from them
One of the first things I’ve learnt, close to 2 years ago when taking the plunge into Social Media with Buffer, was that things aren’t yet very defined. The guiding metrics and studies are really just in their beginning phase and a lot is still quite vague. To help make things a tiny bit more clear, I thought it might be helpful to collect 10 of the most interesting social media studies and see what we can best learn from them. So without any further ado, let’s dig in and talk about the most important social media stats out there:
1.) In a very interesting study BlitzLocal looked at close to 120 billion Facebook impressions and tried to make sense of it all. “Longer posts tend to perform poorly. Key takeaway: Whilst most of us know to keep postings short, getting actual data behind it is useful.
2.) Here is something we’ve struggled a lot with ourselves at Buffer in the past: To provide great customer service on Facebook.