Pages: 1 ... 4 5 6 ...7 ... 9 ...11 ...12 13 14 ... 16

  2013-02-05

My new patent on a secure execution environment

  By Hagai Bar-El   , 119 words
Categories: Personal News, Security Engineering

I recently got a US patent application granted by the Patent and Trademark Office. The patent bears the title “Device, System, and Method of Securely Executing Applications".

Read more »

  2012-11-01

Conference: The Convergence of Systems Towards Sustainable Mobility

  By Hagai Bar-El   , 41 words
Categories: Personal News

I will be participating in a panel titled “Cyber Security of Vehicle Connectivity“, as part of the SAE ATA Conference: The Convergence of Systems Towards Sustainable Mobility, on November 7th-8th, 2012, in Turin, Italy. Details on the conference can be found here.

  2012-06-24

My new patent on ads extension to DRM

  By Hagai Bar-El   , 81 words
Categories: Personal News

I recently got a US patent application granted by the Patent and Trademark Office. The patent bears the title “Device, System, and Method of Digital Rights Management Utilizing Supplemental Content".

Read more »

  2012-03-08

Against the collection of private data: The unknown risk factor

  By Hagai Bar-El   , 734 words
Categories: Security Policies, Counter-media

I bet there are thousands of blog posts advocating privacy and explaining why people should resist governments and companies collecting personal data. I dare to write yet another one because I would like to make a couple of points that I have never seen made before. This post will discuss one of these two points: the unknown risk.

Read more »

  2012-03-02

Improving the security provided by Yubikey for local encryption

  By Hagai Bar-El   , 697 words
Categories: IT Security

In the previous post, I discussed the use of Yubikey for local encryption. I noted that Yubikey can store a long string that can be used as an encryption key, or a password. It provides no extra protection against key-loggers, but still allows to use strong passwords without remembering and typing them. Today, I would like to discuss a technique that makes Yubikey based encryption more secure; still not resistant to a key-logger, but resistant to having the Yubikey “borrowed” by a thief.

Read more »

  2012-02-26

Using Yubikey with constant keys

  By Hagai Bar-El   , 322 words
Categories: IT Security

Yubikey is the first one-time password generator I saw that can also emit a static password. When you press the button, a constant pre-defined string is entered, just as if it was typed on the keyboard. Is it more secure than typing the password on the keyboard? Not at all (unless shoulder-surfing is an issue.) So how does it differ from entering a long key yourself? It does not. And still, local encryption is a valid use-case just for such a function.

Read more »

  2012-02-25

The case for supporting one-time passwords in conjunction with regular ones

  By Hagai Bar-El   , 874 words
Categories: IT Security

A few days ago I got a Yubikey. While exploring use-cases for it, it occurred to me that there is a strong case for a mode of operation which is seldom (never?) used by IT departments: using the token while also supporting static passwords for the same services. It is not suitable for everyone, but it is suitable for the security-aware users. I will now introduce Yubikey in a few words, and then explain the purpose of adding support for one-time password to services that already support static passwords, without eliminating the latter.

Read more »

1 ... 4 5 6 ...7 ... 9 ...11 ...12 13 14 ... 16


Form is loading...

  XML Feeds

Search

License

All contents are licensed under the Creative Commons Attribution license.