Category: "IT Security"

About the IT Security category

  22:30, by Hagai Bar-El   , 57 words
Categories: IT Security

The IT Security category contains essays that discuss security aspects of corporate and personal information systems. Also included are personal and corporate security policy issues, as well as operations security. Examples for topics that fall into this category are: malware detection, network firewalls and attacks prevention, deployment of encryption technologies, protection of privacy in deployed systems, etc.

Pages: 1 2 4 5

  2014-04-09

OpenSSL "Heartbleed" bug: what's at risk on the server and what is not

  22:56, by Hagai Bar-El   , 1223 words
Categories: IT Security, Cyber Security, Counter-media
A few days ago, a critical bug was found in the common OpenSSL library. OpenSSL is the library that implements the common SSL and TLS security protocols. These two (similar) protocols facilitate the encrypted tunnel feature that secure services -- over… more »

  2014-02-01

CyberTech 2014

  21:10, by Hagai Bar-El   , 438 words
Categories: IT Security, Cyber Security, Events, Counter-media
I attended CyberTech 2014 on January 27th-28th. CyberTech is a meaningful conference for technologies related to cyber security. There were both lectures and an exhibition. more »

  2013-09-15

How risky to privacy is Apple's fingerprint reader?

  22:11, by Hagai Bar-El   , 964 words
Categories: IT Security, Security Engineering
Congratulations to Apple for featuring a fingerprint reader as part of its new iPhone. It was reported by The Wall Street Journal here, in the blog of Bruce Schneier here, by Time Tech here, and in dozens of other places. Very much expectedly, this reve… more »

  2013-07-06

The difference between Cyber Security and just Security

  19:24, by Hagai Bar-El   , 637 words
Categories: IT Security, Security Policies, Cyber Security, Counter-media
The concept of "Cyber Security" is surely the attention grabber of the year. All security products and services enjoy a boost in their perception of importance, and sales, by merely prepending the word "cyber" to their description. But how is cyber secu… more »

  2012-03-02

Improving the security provided by Yubikey for local encryption

  23:47, by Hagai Bar-El   , 697 words
Categories: IT Security
In the previous post, I discussed the use of Yubikey for local encryption. I noted that Yubikey can store a long string that can be used as an encryption key, or a password. It provides no extra protection against key-loggers, but still allows to use… more »

  2012-02-26

Using Yubikey with constant keys

  23:46, by Hagai Bar-El   , 322 words
Categories: IT Security
Yubikey is the first one-time password generator I saw that can also emit a static password. When you press the button, a constant pre-defined string is entered, just as if it was typed on the keyboard. Is it more secure than typing the password on the… more »

  2012-02-25

The case for supporting one-time passwords in conjunction with regular ones

  23:42, by Hagai Bar-El   , 874 words
Categories: IT Security
A few days ago I got a Yubikey. While exploring use-cases for it, it occurred to me that there is a strong case for a mode of operation which is seldom (never?) used by IT departments: using the token while also supporting static passwords for the same… more »

1 2 4 5