Breaking Encryption Won't Make Us Safer

The British government wants to build backdoors into standard encryption libraries. This means the technology that protects your financial transactions could have a backdoor. These same backdoors were just exploited in the WannaCry outbreak that just took down the NHS. Who created that backdoor? The NSA, whose incompetence allowed this “tool” to fall into the hands of a Russian government-affiliated hacking group. Your subscription could not be saved. Please try again. [Read More]

FBI Issues Notice Regarding Pokemon GO

On July 15, 2016 the US Federal Bureau of Investigations (FBI) issued an External Intelligence Note regarding the recent smash hit augmented reality mobile game Pokémon GO. The Note’s classification was unclassified/for official use only with the intended audience being the law enforcement and security communities. The completely unclassified summary of the FBI External Intelligence Note states: The FBI’s Washington Field Office (WFO) assesses it is very likely a increased participation in the Pokémon GO augmented-reality smartphone application will result in an increase in law enforcement encounters and suspicious activity reports (SARs) in the National Capital Region (NCR) due to a high concentration of museums, art installations, historical markers, and monuments identified as target locations, or “PokéStops,” and players attempting to access restricted areas. [Read More]

Yubikey 4 Nano Demands Use of yubiswitch

As more and more security policies demand the use of multi-factor authentication the number of times a day you use a multi-factor token will increase. Hopefully that number will not increase to a level that throws the balance of security and convenience towards the annoyingly secure side of the scale. But, if that ever does happen hopefully you can use an Yubikey as your token. Your subscription could not be saved. [Read More]

LastPass Sells Out to LogMeIn

If you have not heard, the phenomenal cloud base SaaS password manager, LastPass has agreed to be acquired be the not so customer friendly LogMeIn. The IT world immediately panned the anti-idea as anti-consumer and the security world agreed and raised all sorts of red flags as well. People dislike LogMeIn for a variety of reasons but the main one is that they pulled the rugs out from under a lot of folks who were using LogMeIn to help administer remote computers (I was one of these people). [Read More]

IE Unsecure for Over 9 Months in 2006, Firefox, Nine Days

Most of us probably knew this already but Internet Explorer (IE) is one of the most unsecured browsers on the planet. Last year alone, it was unsecure for 284 according to a Washington Post article by Brian Krebs. Washington Post: “Internet Explorer unsafe for 284 days in 2006” (Ars Technica) Security Fix spent the past several weeks compiling statistics on how long it took some of the major software vendors to issue patches for security flaws in their products. [Read More]