Categories: "Analysis"

About the Analysis category

  03:20, by Hagai Bar-El   , 48 words
Categories: Analysis

The Analysis category contains articles that discuss security analysis of requirements and analysis of solutions. This category is further divided into sub-categories that address cybersecurity (critical infrastructure and homeland security), IT security (deployment of IT security tools and operations), security engineering (the development of security tools), and policy.

Pages: 1 3 4 5 ...6 ...7 8 9 10 11 12

  2019-09-07

On protecting yourself against MITM in SSH

  21:40, by Hagai Bar-El   , 1081 words
Categories: IT Security, Day-to-Day Security Advice
SSH is one of the best security protocols out there. It is used by anyone remotely logging into servers, as well as for secure connection to Git servers, and for secure file transfers via SFTP. One of the key promises of SSH is protection against active… more »

  2019-08-31

Using Tor to protect against certificate injection by Hotspots

  15:21, by Hagai Bar-El   , 667 words
Categories: IT Security, Day-to-Day Security Advice
Tor is typically used to attain anonymity and preserve privacy online. This is by far the most common and appealing use for it. Most people without such concerns are not likely to ever install a Tor browser on their workstations, and it's a pity; Tor… more »

  2017-10-13

For and against security checklists, frameworks, and guidelines

  18:03, by Hagai Bar-El   , 636 words
Categories: Security Engineering, Security, Cyber Security, Counter-media
We have seen many of those by now. Starting with old ones like FIPS 140, and concluding with more recent additions as the NIST CSF (Cyber Security Framework). The question is: are whose worth my time? What are they good for? Do we need to adhere to them? In a nutshell, I think they have their value, and need to be consulted, but not worshiped. more »

  2016-01-12

Bruce Schneier on Israeli export control

  22:09, by Hagai Bar-El   , 650 words
Categories: Security Policies, Counter-media
I usually agree with the opinions expressed by Bruce Schneier. Seldom do I think that he is dead wrong, and yet less often do I think that an essay of his is bluntly unsubstantiated. About a month ago, he published such a post, titled: How Israel Regulates Encryption. He quoted a research that sounds sensible, but ended up interpreting it entirely wrongly, in my opinion. more »

  2015-11-30

The status of Truecrypt (2nd edition)

  18:22, by Hagai Bar-El   , 419 words
Categories: IT Security
It has been a while since Truecrypt was discontinued. While it still works on most platforms, including new Windows machines (except for the full-disk-encryption on some of them), and while there is still no evidence to indicate that it is insecure, users of Truecrypt find the situation bothersome; and for a good reason. By now it seems obvious than an alternative has to be found. more »

  2015-08-05

Unsafe IoT safes

  21:07, by Hagai Bar-El   , 154 words
Categories: Security Engineering, Cyber Security
I have been saying that one of the challenges with securing IoT is that IoT device makers don't have the necessary security background, and the security industry does not do enough to make cyber-security more accessible to¬†manufacturers. more »

  2015-07-29

CyberDay lecture on IoT security challenges

  13:03, by Hagai Bar-El   , 41 words
Categories: Personal News, Cyber Security
Today I attended CyberDay 2015, where I delivered a lecture titled "Challenges in Securing IoT". more »

1 3 4 5 ...6 ...7 8 9 10 11 12