What is DNS over TLS?

What is DNS over TLS?

Web browser manufacturers Google and Mozilla have been taking heat lately for wanting to implement a technology called DNS over TLS. This is an important technology, so let’s talk about what DNS over TLS does and why you need it.

An increasing amount of our communications online is encrypted, which keeps other people from snooping on what we do. Not encrypting our traffic to DNS, which is the Internet’s phone book, makes it possible to see who we’re communicating with online, even though the communications themselves aren’t visible. DNS over TLS seeks to close this huge privacy gap. When your operating system says your connection is secured, it’s only talking basic security.

Read more

Deliberate security threats

Deliberate security threats

A friend of a friend suggested to me that I should carefully preserve my Commodores and other vintage computer gear, because it’s the only secure computer equipment available. I said I don’t complain too loudly since security is my job. He then said I’ll always have a job, because so many security threats are deliberate. While he’s not wrong, saying all security threats are deliberate is unhealthy. Here’s why.

Deliberate security threats certainly exist, because planting backdoors in the supply chain is the best way to get into certain highly sensitive networks. But I’ll argue that more security threats are honest mistakes than intentional sabotage.

Read more

Cyber security degree or certifications?

Cyber security degree or certifications?

From time to time I get questions from people looking to break into my field. Here’s a good one: What’s better to get, a cyber security degree or certifications?

If you’re in school now, get the degree. But if you’re not currently in school, and can learn on your own, the certification route is much cheaper, and probably faster. The key is having something on your resume that gets you through HR, and most companies know they can’t demand both.

Read more

Why patching can make your Kenna score go up instead of down

Why patching can make your Kenna score go up instead of down

Kenna is a revolutionary vulnerability management tool. It completely changed my approach to vulnerability management. But it can be hard to get used to. The most maddening thing about it is how you can deploy an update, and then your Kenna score increases. That’s not the outcome you wanted. Here’s why patching can make your Kenna score go up instead of down, and what to do about it.

Kenna’s math is tricky, but the thing to remember is the risk score isn’t exactly an average. Once you deploy enough patches for high-risk vulnerabilities, your risk score will start to drop as expected. The key is sticking with it long enough for the score to drop.

Read more

How does Nessus detect vulnerabilities?

Nessus is a popular vulnerability scanner, but there are some misconceptions about what it does and how it works. So how does Nessus detect vulnerabilities, and why is that important? Let’s explain.

Nessus detects vulnerabilities in two major ways, either by scanning ports or scanning files. Scanning files requires it to log in to the system, but it is considerably more accurate.

Read more

What does secured mean for Internet access?

What does secured mean for Internet access?

Both Windows and your web browser go out of their way to tell you if your Internet connection is secured, or not secured. Secured certainly sounds better than not secured. But what does secured mean for Internet access? Let’s talk about it.

“Secured” is a friendly word to say your network connection is encrypted. But what that means, exactly, depends on whether it’s your web browser or your operating system saying the connection is secure. The most important thing to remember is that in this case, your browser can compensate for Windows, but Windows can’t compensate for the browser.

Read more

Confirmed vs potential vulnerabilities in Qualys

When you’re looking at a vulnerability scan, you may find several types of line items on the report. Two of them are confirmed and potential vulnerabilities. Let’s take a look at confirmed vs potential vulnerabilities in Qualys.

Potential vulnerabilities are incomplete, in that they show an indication of vulnerability, but not enough for Qualys to confirm it. Confirmed vulnerabilities are more reliable, as Qualys was able to pinpoint a vulnerable file or setting on the system. In some scan results, Qualys refers to potential vulnerabilities as “practice.” As far as Qualys is concerned, practice and potential are interchangeable terms.

Read more

Is USB blocking misguided security?

Blocking USB ports on corporate computers certainly is an inconvenience. But it’s something many companies do in the name of security. The question is, is USB blocking misguided security? Does it solve a problem, or just create others?

There are serious security concerns with USB devices, besides the danger of people copying huge troves of corporate data onto a USB stick and taking that information with them. That’s why many companies, and the government, limit what you can use USB for, or sometimes block it completely.

Read more

WordPress Appliance - Powered by TurnKey Linux