AES Archives

Home » AES » Page 2

SSDs, factory resets, and why you probably need encryption

Dave Farquhar Hardware, security May 25, 2015November 3, 2025AES, NSA

After the story came out about factory resets not adequately clearing flash memory in phones and tablets, one of my college buddies asked me if a similar problem exists in SSDs.

Depending on the SSD, it definitely can.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

Build the best, most secure wifi in your neighborhood

Dave Farquhar DD-WRT, Servers and Networking March 24, 2015August 26, 2017AES, android, apple, cat5, DDWRT, lowercase letters, malware, Meraki Wifi Stumbler, Micro Center, netflix, Roku, SSID, TL, wi-fi

My neighbor asked me for advice on setting up wi-fi in his new house. I realized it’s been a while since I’ve written about wi-fi, and it’s never been cheaper or easier to blanket your house and yard with a good signal.

Blanketing your house and yard while remaining secure, though, is still important.

Dave Farquhar

dfarq.homeip.net

How to use the lock in your web browser’s location bar

Dave Farquhar security February 23, 2015May 31, 20151990s, AES, chrome, cissp, demonstration, lenovo, Missouri, SSL, TLS, yahoo

A commenter asked me last week if I really believe the lock in a web browser means something.

I’ve configured and tested and reviewed hundreds of web servers over the years, so I certainly hope it does. I spend a lot more time looking at these connections from the server side, but it means I understand what I’m seeing when I look at it from the web browser too.

So here’s how to use it to verify your web connections are secure, if you want to go beyond the lock-good, broken-lock-bad mantra.

Dave Farquhar

dfarq.homeip.net

Don’t use personal information as your wifi network name

Dave Farquhar security December 8, 2014April 23, 2017AES, lifehacker, SSID

This weekend Lifehacker advised against using things like your name and address as your wifi network name or SSID–if you’re targeted for attack, it makes you that much easier to find when your wifi name is your name or address.

When I set up a wifi network, I usually set the name to the time of day. That way the network name ends up just being a meaningless, useless number, with no clues as to who owns it, or who the broadband provider is. Clever names draw attention, and you don’t want to draw attention.

Let’s talk about two other common security measures that you probably shouldn’t do.

Dave Farquhar

dfarq.homeip.net

Cutting through the fluff around the Target PIN breach

Dave Farquhar security December 27, 2013AES, breach, cable tv, Debit card, IBM, NSA, PR, Target Corporation

OK, so Target is back in the news, and it’s nowhere nearly as bad this time but there’s some posturing and some fluff in the news, so I’ll take it upon myself to demystify some of it. Some of it’s PR fluff, and some of it’s highly technical, so I’ll cut through it.

I’m just glad–I guess–to be talking about this stuff outside of a job interview. Like I said, this time the news isn’t nearly as bad as it could be. Read more

Dave Farquhar

dfarq.homeip.net

Hostsman makes it easy to block malware with a hosts file

Dave Farquhar security December 4, 2013August 28, 2018AES, antivirus, Bitcoin, malware, Malware Domains

I’ve written before about using the hosts file to block domains that are hosting malware. The idea is pretty simple. There’s a known list of domains that are either hosting or controlling malware, so by blocking your computer from accessing those domains, you make it much harder to get infected in the first place, and in the event that you do get infected, at least you block access to the command and control servers.

The problem is that Windows doesn’t make this easy. Well, I found an easy way: Hostsman. You can have it up and running in minutes.

Update: Don’t mess around with hosts files. It’s more efficient and more effective to change DNS servers instead.

Dave Farquhar

dfarq.homeip.net

Upgrading a D-Link DIR-615 to DD-WRT

Dave Farquhar DD-WRT, Hardware, security, Servers and Networking December 2, 2013January 31, 2022AES, CGI, code execution, d-link, dd wrt, DDWRT, firefox, Micro Center, Universal Plug and Play

Last year I bought my mother in law a D-Link router, an oddball DIR-615 revision E1 that was only sold at a few stores. It was supposed to be a Fry’s exclusive, but I bought hers at Micro Center. It worked for a while, then gave her trouble, so this year I was working with it again, and when I was setting it up, I noticed it had some security vulnerabilities–remote code execution, UPnP vulnerabilities, and who knows what else. So that got me some practice upgrading a D-Link DIR-615 to DD-WRT.

DD-WRT’s track record and attitude towards security research could be better, but I’d rather trust my mother in law to DD-WRT’s B+ security than D-Link’s F.

Dave Farquhar

dfarq.homeip.net

Bad news about smartphones, but maybe not all bad

Dave Farquhar security August 15, 2013AES, NSA

When you install Java on a Windows box, it brags that it runs on 3 billion devices. It’s not joking. A fair chunk of those 3 billion devices are the SIM cards that register your cell phone on its network. And those SIM cards frequently are woefully insecure. The mid-90s called, and they want their crypto back.

Via a text message you’ll never see, it’s possible to hack the 56-bit DES encryption used by many cards, or the triple-DES-in-name-only crypto used in others–repeating wimpy 56-bit crypto with the same key three times doesn’t make it any less wimpy–then send the cards a malicious Java applet, which busts out of the security on the ancient version of Java on your card, and ride this cascade of security flaws to do lots of nasty things like listen in on phone calls and intercept text messages.

Even if half of Americans don’t seem to mind the NSA listening to their phone calls, I’m pretty sure a majority of Americans don’t want the Russian Mafia listening to them. Read more

Dave Farquhar

dfarq.homeip.net

The 1 TB-ish SSD: The Micron M500

Dave Farquhar Hardware, security April 14, 2013April 3, 2025AES, anandtech, micron, performance penalty, windows 8

Anandtech has a review of the Micron M500, which is the first 960 GB SSD to retail for less than $600. Micron had to make some decisions to get that combination of capacity and price, so it’s not truly a no-compromises SSD, but like the article states, it’s a not-quite-a-terabyte capacity at the price that the best 80 GB drive was selling for in 2008. That’s a long way to come in five years. At $599, the price is high, but it’s not out of reach. If you really need that much high-speed capacity, you can probably come up with that sum.

And the drive’s reception has been very good. It’s backordered everywhere I’ve looked. Read more

Dave Farquhar

dfarq.homeip.net

How to encrypt PDF files for free

Dave Farquhar security October 10, 2012AES, Libre Office, Microsoft Office, pdf files

Yesterday I wrote about the importance of encrypting documents before you send them via e-mail. But what if you don’t have a PDF creator, other than Microsoft Office or Open/Libre Office?

It turns out you can encrypt PDF documents, including those you create with office software, for free–with caveats.

Dave Farquhar

dfarq.homeip.net