security

A 7-post collection

Anonabox - online security, privacy and anonymity

The recent Kickstarter campaign for Anonabox proved to be insanely popular but ultimately unsuccessful after the campaign was suspended by Kickstarter. If you’re unfamiliar with it, it was a small network device that you could plug into an existing network connection and then either use the provided Wi Fi »

Opt-in secure email

After playing around with creating myself an OpenPGP compatible key and mucking around with sending / receiving some encrypted emails with some mates I’ve been thinking about a few things. The concept of email encryption isn’t new but it has never really taken off because the barriers to using »

Send me a secure message

Following on from my most recent post with my public key, if you wanted to send me a secure message but don’t understand how to it’s going to be dead simple. Go to this page: https://keybase.io/encrypt#weharc Type in your message Click Encrypt Copy the »

My public key for secure messaging

If you ever want to send me a secure message or file you can use my public key to encrypt the contents before sending it to me. My public key has been created and is listed in a new public directory called Keybase. You can find it here. It’s »

Storing passwords in a database? You’re doing it wrong

It’s amazing that in this day and age there are still systems that store passwords in databases in clear text. Passwords should never be stored in a database, you should always store the result of a one-way encryption process known as a Hash (with some Salt!). If you store »

LastPass – a review

For many years I was accumulating username / password combinations for a ridiculous amount of websites. Often I would use the same basic password, or a semi-strong password on these sites. I was building a user account security debt. Then I read about LastPass and knew my problems had been solved. »

Android marketplace more vulnerable to malware?

Interesting article at New Scientist detailing how security researchers crafted an app called WeatherFist and loaded it onto various mobile phone app marketplaces. The software was actually malware and “surreptitiously relayed data about the users’ locations and phone numbers to a server controlled by Brown and Tijerina [the researchers]” The »