Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - bill

Pages: 1 [2] 3 4 ... 10
16
Hardware & Technology / F-Secure KEY password manager (free promo)
« on: June 08, 2016, 07:33:10 AM »
If you'd like to check out an interesting password manager I came across F-Secure KEY https://www.f-secure.com/en/web/home_global/key

There was someone re-tweeting that they're giving away free premium accounts until June 10.
https://twitter.com/FSecureKEY/status/740110091635068928
KEYDADADA

The premium key lasts 6 months and lets you share passwords between accounts. Not sure what happens after that.

I like the security involved with this app. They don't even ask for your e-mail address when signing up. Everything is encrypted locally. F-Secure only gets an encrypted set of your passwords that they can't read even if they wanted to.

Not sure I'll move to this, but it looks promising in early tests.

17
Hardware & Technology / Opera now comes with a free, built-in VPN
« on: April 22, 2016, 04:20:06 AM »
http://www.opera.com/blogs/desktop/2016/04/free-vpn-integrated-opera-for-windows-mac/

Opera's new dev version comes with a VPN client that is free to use. In March, Opera bought SurfEasy, a VPN provider that never caught my eye as they are one of those cheap VPNs that retains their logs, so privacy isn't a strong point.  The offer of free, built-in VPN does lend an interesting sales pitch angle for them. I wouldn't rely on it for security or privacy, but it might be good for checking geo-centric SERPs.

18
Hardware & Technology / NoScript and other popular Firefox add-ons open millions to new attack
« on: April 06, 2016, 01:20:33 PM »
Quote
NoScript and other popular Firefox add-ons open millions to new attack
Unlike many browsers, Firefox doesn't always isolate an add-on’s functions.

NoScript, Firebug, and other popular Firefox add-on extensions are opening millions of end users to a new type of attack that can surreptitiously execute malicious code and steal sensitive data, a team of researchers reported.

The attack is made possible by a lack of isolation in Firefox among various add-ons installed by an end user. The underlying weakness has been described as an extension reuse vulnerability because it allows an attacker-developed add-on to conceal its malicious behavior by invoking the capabilities of other add-ons. Instead of directly causing a computer to visit a booby-trapped website or download malicious files, the add-on exploits vulnerabilities in popular third-party add-ons that allow the same nefarious actions to be carried out. Nine of the top 10 most popular Firefox add-ons contain exploitable vulnerabilities. By piggybacking off the capabilities of trusted third-party add-ons, the malicious add-on faces much better odds of not being detected.

FF had better revamp their entire core structure...quick

19
Hardware & Technology / WhatsApp just switched on encryption for a billion people
« on: April 05, 2016, 10:41:03 PM »
Quote
Forget Apple vs. the FBI: WhatsApp Just Switched on Encryption for a Billion People

This means that if any group of people uses the latest version of WhatsApp—whether that group spans two people or ten—the service will encrypt all messages, phone calls, photos, and videos moving among them. And that’s true on any phone that runs the app, from iPhones to Android phones to Windows phones to old school Nokia flip phones. With end-to-end encryption in place, not even WhatsApp’s employees can read the data that’s sent across its network. In other words, WhatsApp has no way of complying with a court order demanding access to the content of any message, phone call, photo, or video traveling through its service. Like Apple, WhatsApp is, in practice, stonewalling the federal government, but it’s doing so on a larger front—one that spans roughly a billion devices.

Most privacy buffs would stay clear of WhatsApp because of its connection to Facebook. However, even Edward Snowden likes Moxie Marlinspike's Signal app for secure communication. Moxie Marlinspike's involvement with WhatsApss's encryption efforts should lend some credence to it.

20
Hardware & Technology / Visio alternative for mapping websites
« on: March 08, 2016, 04:40:49 AM »
I'm trying to help someone redo the information architecture of a website that has a few hundred pages. They've been giving me charts made in Excel and it's impossible to move things around or do anything really. I suggested Visio, but they don't want to pay for that. Do you guys know of any good diagramming tools (free preferred) that could handle a task like this?

All I want to do is show pages of the site and their links to help them visualize where content will go, and show them how visitors will navigate the site.

21
Hardware & Technology / Anyone here a HAM?
« on: March 03, 2016, 04:04:20 AM »
Several people in my circles have been suggesting I get my HAM radio licence. Particularly in Japan where we're moments away from having our entire communications infrastructure destroyed by an earthquake, it didn't sound like a bad idea. I'm just wondering how much prep it takes to pass those licencing tests. I'd have to travel several hours to another city to take the test so it would take a bit of effort in addition to the study.

22
Hardware & Technology / This is Why People Fear the ‘Internet of Things’
« on: February 19, 2016, 02:58:22 AM »
Quote
This is Why People Fear the ‘Internet of Things’

Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt.

This is the nightmare “Internet of Things” (IoT) scenario for any system administrator: The IP cameras that you bought to secure your physical space suddenly turn into a vast cloud network designed to share your pictures and videos far and wide. The best part? It’s all plug-and-play, no configuration necessary!

23
Hardware & Technology / The government just admitted it will use smart home devices for spying
« on: February 09, 2016, 09:24:00 PM »
Another timely article telling us that the IoT devices in our homes really need more security.

Quote
The government just admitted it will use smart home devices for spying

If you want evidence that US intelligence agencies aren’t losing surveillance abilities because of the rising use of encryption by tech companies, look no further than the testimony on Tuesday by the director of national intelligence, James Clapper.

As the Guardian reported, Clapper made clear that the internet of things – the many devices like thermostats, cameras and other appliances that are increasingly connected to the internet – are providing ample opportunity for intelligence agencies to spy on targets, and possibly the masses. And it’s a danger that many consumers who buy these products may be wholly unaware of.

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper told a Senate panel as part of his annual “assessment of threats” against the US.

24
Web Development / Are your HTTP headers secure?
« on: January 28, 2016, 01:25:48 AM »
I need to get this implemented on my sites: Content Security Policy (CSP)
Looks like a great way to thwart cross-site scripting attcks.

This guy has a scanner https://securityheaders.io/ that grades your headers just like SSL Labs does for certs. He also has a CSP policy builder https://report-uri.io/home/generate/ but there are a lot of options in there that I'd need to look into.

Anyone here use a CSP?

25
Web Development / Material Design Lite
« on: July 07, 2015, 02:24:48 AM »
Quote
On Medium today, Google Developers introduced us to a useful little tool called Material Design Lite. In simple terms, it’s a library of components that will make it very easy to apply Material Design elements to standard old HTML, JavaScript, and CSS. The library includes all sorts of page elements: Cards! Click-sensitive menus! Gem-toned buttons! Lovely little physics-enhanced toggles! “If you just want to pick some colors, customize a template and ship a Material experience, we try to help make that process simpler,” the team explains.

Interesting design framework if you want your site to look like an Android phone...

26
Hardware & Technology / Consumers spend 85% of time on smartphones in 5 Apps
« on: June 23, 2015, 08:50:31 AM »
Not surprising

Quote
Consumers Spend 85% Of Time On Smartphones In Apps, But Only 5 Apps See Heavy Use

Based on this data and other findings in the new report, Forrester advises businesses to design their apps only for their best and most loyal or frequent customers – because those are the only one who will bother to download, configure and use the application regularly. For instance, most retailers say their mobile web sales outweigh their app sales, the report says. Meanwhile, outside of these larger players, many customers will use mobile websites instead of a business’ native app.


27
Hardware & Technology / LastPass hacked: change your passwords
« on: June 16, 2015, 12:42:22 AM »
Agrh. Not fun to wake up to this news. LastPass issued a security notice saying that account email addresses, password reminders, server per user salts, and authentication hashes were compromised. I'm not too worried about my account contents, but it's a bit of a pain to have to acclimate to a new master password.

https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

28
Hardware & Technology / Hackers build a new Tor client designed to beat the NSA
« on: May 22, 2015, 07:26:19 AM »
Hackers build a new Tor client designed to beat the NSA
http://www.dailydot.com/politics/tor-astoria-timing-attack-client/

Quote
With the threat of powerful intelligence agencies, like the NSA, looming large, researchers have built a new Tor client called Astoria designed specifically to make eavesdropping harder for the world's richest, most aggressive, and most capable spies.


29
Water Cooler / Scientists create algorithm that ‘identifies future trolls from just five posts’
« on: April 19, 2015, 11:11:14 AM »
Scientists create algorithm that ‘identifies future trolls from just five posts’
http://www.rawstory.com/rs/2015/04/scientists-create-algorithm-that-identifies-future-trolls-from-just-five-posts/

We need an API

30
Traffic / A Year of DuckDuckGo
« on: March 30, 2015, 06:09:50 AM »
A Year of DuckDuckGo http://www.designwithtom.com/blog/2015/3/23/a-year-of-duckduckgo

An interesting blog post about this guy's experience with DDG. The only thing that doesn't really parallel my experience is the Instant Search features. I haven't see a lot of them. I still find it necessary to go to GG for some stuff like calculations or currency conversion in the SERPs. I guess DDG is catching up.

Pages: 1 [2] 3 4 ... 10