security Archives

Home » security » Page 66

How to secure a computer like a spook

Dave Farquhar security May 20, 2011April 15, 2017computer security, NSA, Orange Book, STIG, windows 7, windows nt

A link to the National Security Agency’s (NSA) guidance on hardening operating systems has been floating around various blogs today. But the NSA’s guidance on configuring Windows 7 and other recent operating systems is, to put it mildly, a bit incomplete.

What one government agency doesn’t do, another probably does. That’s usually a safe assumption at least. Enter the Defense Information Systems Agency (DISA). If you want to harden recent Windows operating systems, visit http://iase.disa.mil/stigs/index.html for guidance.
Read more

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

More on the new Intel 320 SSD

Dave Farquhar Hardware, security May 10, 2011May 10, 20111980s, 1990s, AES, CIA, cissp, intel, ubuntu, Ubuntu Linux, WD

A few weeks ago, my security go-to guy, Rich P., bought a new Intel 320 SSD for his netbook. With my encouragement, of course. It finally arrived this weekend, and he installed it. Rich reports not only faster speed, but also a 30-minute improvement in battery life over the WD Scorpio Black it replaced.

He told me the secure erase function, to enable AES, had a snag. But he solved it. I’m documenting it here in case you ran into the same thing he did.
Read more

Dave Farquhar

dfarq.homeip.net

A firewall to defeat Android location tracking

Dave Farquhar security May 5, 2011android, firewall, location tracking

That didn’t take long. If you want more control over Android location tracking, Whispermonitor is for you.

Basically, any time an application tries to hit the Internet, it tells you where it’s going and on what port, and you can allow it once, always, or until reboot. Or deny it entirely.

Dave Farquhar

dfarq.homeip.net

Why would anyone want my e-mail account?

Dave Farquhar security May 3, 2011spam

One of my train acquaintances’ e-mail addresses got hacked last week. And yesterday The Consumerist warned not to play games on social networking sites telling people what your royal name would be by substituting things like the names of places you’ve lived for your real name. That led to people asking why anyone would want an Ordinary Joe’s e-mail account.

Ordinary Joe’s e-mail account is priceless, that’s why.
Read more

Dave Farquhar

dfarq.homeip.net

So why are Apple and Google (and Microsoft) tracking us?

Dave Farquhar security April 27, 2011October 29, 2018android, apple, cissp, IOS, iphone, itunes, location tracking, PR, wi-fi

So what are Google and Apple doing with this location data? And Microsoft, now that it’s clear they’re gathering it too (but they claim they aren’t storing it anywhere on the phone).

They aren’t saying a lot, but they’ve said enough to take a pretty good guess. And no, I don’t think the intent is to be evil.
Read more

Dave Farquhar

dfarq.homeip.net

Disabling Android location tracking

Dave Farquhar security April 25, 2011October 10, 2017android, location tracking

It appears that you don’t have to defeat Android location traffic; disabling Android location tracking is entirely possible. Go to Settings, then Location and Security, and uncheck the options Use wireless networks and Use GPS satellites.

There are upsides and downsides.

Dave Farquhar

dfarq.homeip.net

Android isn’t completely clean either

Dave Farquhar security April 22, 2011November 3, 2025android, iphone, location tracking, wi-fi

In the wake of yesterday’s iPhone mess, Android isn’t coming up completely clean either.

While Google’s intentions aren’t completely clear, the approach is safer.

Dave Farquhar

dfarq.homeip.net

iDo track your every move

Dave Farquhar security April 21, 2011April 25, 2011android, apple, iphone, itunes, location tracking

The scandal of the day is the iPhone and the discovery that it tracks your every move. Will that be featured in the next Android commercial? iDo track you. DROID DOESN’T. Update: Probably not.

Of course, the pundits are all over the map on this one. Nobody thinks it’s a particularly good idea. Some think it’s bad but are willing to live with it since they trust Apple not to misuse it. Some think it’s no big deal as long as Apple stops with the next patch. Others have gotten paranoid.
Read more

Dave Farquhar

dfarq.homeip.net

Be wary of unexpected e-mail attachments

Dave Farquhar security April 17, 2011antivirus

Just an observation: I’ve received two unexpected e-mail attachments from people I don’t know in the past hour. I figured the first one was an honest mistake–for some reason I get e-mail intended for other people from time to time–but when I got a second one and it, too, was little more than a smiley and an attachment, I started to think something strange is going on.

Your antivirus software should catch anything floating around, but if it’s too new, you can still get bitten. It’s never a good idea to open unexpected attachments. Bad things can happen.

Dave Farquhar

dfarq.homeip.net

Intel’s and Sandforce’s AES-128 encryption is useful, but not for what you think

Dave Farquhar Hardware, security April 2, 2011April 3, 2025AES, anandtech, intel, ocz, passwords, TrueCrypt

I spent some time this week with a coworker looking into the AES-128 encryption in current Sandforce and upcoming Intel 320 SSDs, and we’ve concluded it’s no substitute for software full-drive encryption.

This is important, so we’ll talk about it further.

Dave Farquhar

dfarq.homeip.net