SSL Archives - The Silicon Underground

A weak VPN isn’t necessarily better than no VPN

Dave Farquhar — Mon, 29 Feb 2016 12:00:21 +0000

A Slashdot story last week discussed how 90% of all SSL VPNs use weak, obsolete encryption. And one comment said, “So? A weak VPN is better than no VPN.” Not necessarily. Intelligence agencies love weak encryption, because if people are

The post A weak VPN isn’t necessarily better than no VPN appeared first on The Silicon Underground.

Why hiding your SSID makes your security worse

Dave Farquhar — Wed, 06 Jan 2016 12:00:06 +0000

I got a couple of questions about my recommended DD-WRT settings, but I’m going to start with the question about why not to hide the SSID. It actually turns out that hiding your SSID is bad for you, and makes your

The post Why hiding your SSID makes your security worse appeared first on The Silicon Underground.

What the NSA can crack, and how to protect against it

Dave Farquhar — Tue, 20 Oct 2015 11:00:51 +0000

Ever since the Snowden leaks, there’s been considerable speculation about what cryptography the NSA could break, and why. Finally, there’s a study that goes into deep detail about what it is the NSA probably can break, and why, plus how

The post What the NSA can crack, and how to protect against it appeared first on The Silicon Underground.

Worried about the wrong things? It’s always the wrong thing.

Dave Farquhar — Wed, 06 May 2015 11:00:50 +0000

Guy Wright’s piece titled Internet Security: We were worried about the wrong things is a bit old but it’s an important point. Security is a moving target. It’s always a moving target. I disagree, however, with the assertion that SSL (and its

The post Worried about the wrong things? It’s always the wrong thing. appeared first on The Silicon Underground.

How to use the lock in your web browser’s location bar

Dave Farquhar — Mon, 23 Feb 2015 11:00:06 +0000

A commenter asked me last week if I really believe the lock in a web browser means something. I’ve configured and tested and reviewed hundreds of web servers over the years, so I certainly hope it does. I spend a

The post How to use the lock in your web browser’s location bar appeared first on The Silicon Underground.

Port 2381: What it is and how to manage it

Dave Farquhar — Wed, 28 Jan 2015 11:00:38 +0000

I was doing some scanning with a new vulnerability scanner at work. It found something listening on a lot of servers, described only as Apache and OpenSSL listening on TCP port 2381. The versions varied. Luckily I also had Qualys

The post Port 2381: What it is and how to manage it appeared first on The Silicon Underground.

What is Winshock?

Dave Farquhar — Wed, 03 Dec 2014 11:00:47 +0000

So the other day I got blindsided with a question at work: What are we doing about Winshock. Winshock, I asked? I had to go look it up, and I found that’s what they dubbed what I’ve been calling MS14-066,

The post What is Winshock? appeared first on The Silicon Underground.

More encryption = more safety

Dave Farquhar — Mon, 24 Nov 2014 11:00:36 +0000

Mozilla, Akamai, Cisco, the EFF, and Identrust are teaming up for Let’s Encrypt, an effort to make SSL encryption free and easy. This is important, because it means mundane stuff will get encrypted. When SSL/TLS traffic are no longer flagged

The post More encryption = more safety appeared first on The Silicon Underground.

Takeaways from Patrick Gray’s AusCERT coverage

Dave Farquhar — Fri, 23 May 2014 11:00:00 +0000

I’ve been listening to Patrick Gray’s coverage of the AusCERT security conference, and I walked away with two major takeaways, one for security professionals and one for everyone. Everyone first: Use SSL (https) everywhere you possibly can. Generate superfluous https

The post Takeaways from Patrick Gray’s AusCERT coverage appeared first on The Silicon Underground.

It’s 6:21 PM. Do you know what the current version of Firefox is?

Dave Farquhar — Tue, 17 Jul 2012 23:21:38 +0000

Veteran blogger John Dominik reported yesterday that upgrading to Firefox 13 fixed some problems for him. So of course he’ll be thrilled to know that Firefox released a new version the very next day. The. Very. Next. Day. From a

The post It’s 6:21 PM. Do you know what the current version of Firefox is? appeared first on The Silicon Underground.