Dell does a Superfish, ships PCs with easily cloneable root certificates | Ars Technica UK http://arstechnica.co.uk/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/
EC2 VPC VPN Gets an Update with NAT Traversal, Additional Encryption Options, and More
You can use Amazon Virtual Private Cloud to create a logically isolated section of the AWS Cloud. Within the VPC, you can define your desired IP address range, create subnets, configure route tables, and so forth. You can also use a network gateway to connect the VPC to your existing on-premises network using a hardware Virtual Private Network (VPN) connection. The VPN running in the AWS Cloud (also known as a VPN gateway or VGW) communicates with a customer gateway (CGW) on your network or in your data center (read about Your Customer Gateway to learn more).
Source: EC2 VPC VPN Update – NAT Traversal, Additional Encryption Options, and More | AWS Official Blog
This raises some interesting possibilities for secure applications that would benefit from the heightened security for the data being moved.
WordPress Brute Force Attacks Using Multiple Passwords Per Login Via XML-RPC – Slashdot
WordPress Brute Force Attacks Using Multiple Passwords Per Login Via XML-RPC – Slashdot http://it.slashdot.org/story/15/10/11/1220253/wordpress-brute-force-attacks-using-multiple-passwords-per-login-via-xml-rpc
Let’s Encrypt aims to bring web encryption to all sites for free
What is Let’s Encrypt?
Basically, it’s a way to get a quick x509 certificate for your server without knowing much about what is a x509 certificate:
Let’s Encrypt Overview – http://www.cryptologie.net/article/274/lets-encrypt-overview/
If this works out it will go skiing way to securing all web traffic. The Let’s Encrypt site is at https://letsencrypt.org/ and the code is open source at https://github.com/letsencrypt.
Google’s New Smart Lock Is the Password Manager for the Rest of Us
Google’s New Smart Lock Is the Password Manager for the Rest of Us http://lifehacker.com/googles-new-smart-lock-is-the-password-manager-for-the-1710352668
Overstock Will Issue a Private Bond Powered by Bitcoin Tech | WIRED
OVERSTOCK.COM IS PREPARING to offer a $25 million private bond using the blockchain, the distributed online ledger that underpins the bitcoin digital currency.
Earlier this week, the online retailer circulated a document among hedge funds, private equity groups, and other potential Wall Street investors indicating it was offering such a bond. Company CEO Patrick Byrne, the circular says, “believes that cryptotechnology can do for the capital market what the internet has done for consumers”—a reference to the type of technology that drives bitcoin.
Overstock Will Issue a Private Bond Powered by Bitcoin Tech | WIRED http://www.wired.com/2015/06/overstock-will-issue-private-bond-powered-bitcoin-tech/
Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7
Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7 https://www.howtoforge.com/tutorial/secure-ssh-with-google-authenticator-on-centos-7/
Ring | A free software for distributed and secured communication
A free software for distributed and secured communication
Source: Ring | A free software for distributed and secured communication
Something doesn’t smell right about the rush to “deprecate” HTTP
Something doesn’t smell right about the rush to “deprecate” HTTP http://scripting.com/2015/05/17/somethingDoesntSmellRightAboutTheRushToDeprecateHttp.html
Forbes Now: Penn State College Of Engineering Network Disabled Following Two “Incredibly Serious” Cyber Attacks
Forbes Now: Penn State College Of Engineering Network Disabled Following Two “Incredibly Serious” Cyber Attacks. http://google.com/newsstand/s/CBIwkJ3-8hI