A Slashdot story last week discussed how 90% of all SSL VPNs use weak, obsolete encryption. And one comment said, “So? A weak VPN is better than no VPN.”
If you regularly visit forums online, particularly forums powered by the forum software Vbulletin, you ought to change your forum passwords right now. The longer and more random you make them, the better.
I spent some time exploring HP Compaq 6910p upgrades because used HP Compaq 6910p laptops are dirt cheap these days. I picked one up for $75 as an alternative to a Black Friday cheapie.
If you look for one yourself, either look for one with a valid Windows 7 or Windows 10 license on it, or get one at a deep enough discount to make it worth your while.
Here’s what I did to turn an outmoded laptop from 2008 into something better than what I could have bought on Black Friday.
I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.
For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.
I’m playing catch-up with this one, but if you’ve been relying on the quasi-open source Truecrypt encryption solution, you need to migrate to Veracrypt as quickly as possible.
For some reason, it doesn’t seem to be common knowledge that Veracrypt is derived from Truecrypt and is, for all intents and purposes, the successor to Truecrypt.
After the story came out about factory resets not adequately clearing flash memory in phones and tablets, one of my college buddies asked me if a similar problem exists in SSDs.
Depending on the SSD, it definitely can.
Google is moving its corporate applications to the Internet. A year ago I would have said that’s the dumbest thing I ever heard. Today I’m not so sure.
Sticking stuff in the cloud is the popular answer to everything these days, and I just see the cloud as the new mainframe. It’s not a solution so much as a different take on the same problem, and while I see a couple of potential disadvantages, believe it or not I see some real advantages to the approach as well.
My neighbor asked me for advice on setting up wi-fi in his new house. I realized it’s been a while since I’ve written about wi-fi, and it’s never been cheaper or easier to blanket your house and yard with a good signal.
Blanketing your house and yard while remaining secure, though, is still important.
A commenter asked me last week if I really believe the lock in a web browser means something.
I’ve configured and tested and reviewed hundreds of web servers over the years, so I certainly hope it does. I spend a lot more time looking at these connections from the server side, but it means I understand what I’m seeing when I look at it from the web browser too.
So here’s how to use it to verify your web connections are secure, if you want to go beyond the lock-good, broken-lock-bad mantra.
Late last week, the Wall Street Journal reported that Anthem wasn’t encrypting the database containing tens of millions of health records that were stolen by sophisticated hackers.
There are numerous problems with that story, the first being that we don’t know yet whether the data was encrypted. There are other unconfirmed reports that say the attackers used a stolen username and password to get at the data, which, if that’s true, likely would have allowed them to decrypt the data anyway.
Still, I’m seeing calls now for the government to revise HIPAA to require encryption, rather than merely encourage it. And of course there are good and bad things about that as well.