
Archive | Security

Anonymity, privacy, data control, no-tracking



a luxury lost in the cloud OR services under construction?

It is obvious that all the traffic that goes over the Internet is tracked and analyzed. That makes it possible to define business markets and user trends, and to obtain absolute knowledge about things that a few decades ago were probably considered personal information. As services keep growing under the concept of a “cloud infrastructure”, our ability to control our own data gradually disappears. It is replaced with an illusion of control as we delegate trust to the service providers. The majority of users do not understand the impact, and they are unaware of the technical aspects of tracking, which runs silently in the background of each offered service.

…because awareness is missing…


The unavoidable exposure of the information tracking that takes place over the network triggers several actions by communities and individuals who try to balance our ability to control the information that we expose to the public. A number of different services around privacy, anonymity and data control already exist and are becoming more and more popular. These services try to provide an alternative way to gain back some of the control over decision making that has been lost unconsciously.

…because somebody has to care…



DuckDuckGo, using it for almost a year now.

DuckDuckGo, the minimalistic search engine

I started using https://duckduckgo.com about a year ago, when I was looking for a good alternative. DuckDuckGo is no more than it says it is: a simplistic, yet powerful and extensible (via DuckDuckGo Hacks) search engine. It is an engine that comes with the motto “We believe in better search and not tracking.” and seems to promote users’ privacy, explaining how our information flows around without our consent, creating business revenue.

In general, although the presented search results are not, and can’t be, as rich as those of other engines, I still made it my default engine. With the provided !Bang I have everything I need for a sufficient and efficient search.

Reasons that I think someone could give it a try:

  1. DontTrack
  2. DontBubble
  3. DuckDuckGo Privacy Policy
  4. …certainly more…

Side-Channel Attacks: A good read on Acoustic Cryptanalysis

Acoustic cryptanalysis is considered to be possible, and although it requires physical access to the box, that certainly does not make the attack less important.

Adi Shamir and Eran Tromer have an interesting read, demonstrating how these attacks can become possible.

http://tau.ac.il/~tromer/acoustic/


BEAST vs HTTPS

Juliano Rizzo and Thai Duong presented a new attack on the SSL/TLS protocol family using a utility named BEAST.


The Undisputed Truth: SSL/TLS

Recently, I found myself working with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) standards, mostly to optimize and accelerate the expensive cryptographic operations. In particular, I examined the OpenSSL toolkit and tried to figure out what applies in the real world (web browsers, web servers, open source SSL/TLS stacks). The scenery is quite fuzzy and sometimes insecure. The lack of a unified direction and the unavoidable need for backward compatibility with all the versions of the standards create an environment with several possible configurations. Unfortunately, this introduces significant space for security flaws (e.g. man-in-the-middle attacks), and thus proper attention is needed when SSL/TLS is applied. Ivan Ristic conducted excellent research for SSL Labs. This research gives a great overview of the usage of SSL/TLS in real life and presents an in-depth analysis of all the cryptographic features. The results of this investigation will be presented at Black Hat 2010 USA.

The presentation can be found here.
