Sponsored White Papers, Webcasts, and Downloads
TechRepublic Resources
- The "insecure memory" FAQ
- There are times when a user of a free and open source operating system like FreeBSD or Debian GNU/Linux might encounter a warning or error message that looks something like this: "Warning: using insecure memory!" A likely moment might be the first time one uses GnuPG, because it's...
- Tags: Security, Disk, Window, Problem, Data, Microsoft Corp., RAM, GnuPG, Swapfile, TrueCrypt, Microsoft Windows, Construction, Memory, Operating Systems, Software, Semiconductors, Hardware, Components, Chad Perrin
- Blog posts 2008-05-14
- Has security grown beyond DIY?
- On Friday, I discussed Joshua Corman's contention that there is no perimeter, and my take on the phrase. That was only one of seven "dirty secrets" of the security industry that he mentioned at Interop Las Vegas. Another is, he tells us, that security has grown beyond "do-it-yourself."...
- Tags: Security, Chad Perrin
- Blog posts 2008-05-12
- There is no perimeter, kinda
- At Interop Las Vegas, IBM/ISS security strategist Joshua Corman explained seven "dirty secrets" of the security industry. One of his points was the newly common refrain that "there is no perimeter." What exactly does that mean? It's a buzzword Technically, I guess it's a buzzphrase. ...
- Tags: Perimeter, Security, Chad Perrin
- Blog posts 2008-05-09
- Five security tips from MediaWiki's lead developer
- Brion Vibber, the Wikimedia Foundation's lead developer, is the guiding hand behind the ongoing improvement of MediaWiki. MediaWiki is one of the most widely-used Web applications in the world, and is the software basis for Wikipedia. On the Wikitech mailing list, he offered some insight into how he...
- Tags: Software, Developer, Security, Abstraction, Tool, MediaWiki, Wiki, Productivity, Online Communications, Chad Perrin
- Blog posts 2008-04-30
- Fighting fire with water
- TechRepublic community member Absolutely!, in the discussion of the article, Fighting fire with fire, suggested a "community service" component to sentencing for malicious security crackers who are caught and convicted. The idea put forward is that they should contribute to development of software specifically meant to counter the efforts...
- Tags: Security Cracker, Suggestion, Security, Chad Perrin
- Blog posts 2008-04-28
- Fighting fire with fire
- Wired reported that on Friday, April 11, two weeks ago, security expert Joel Eriksson discussed the tools and techniques he uses to crack security on common security cracking software at the RSA Security Conference -- fighting fire with fire, you might say. This was Bitsec AB, CTO...
- Tags: Technique, Security Cracker, Productivity, Security, Chad Perrin
- Blog posts 2008-04-25
- Close unneeded ports on Unix/Linux systems
- Earlier this month, I provided some tips on how to use netstat and other tools to list open ports and listening services on a number of different operating systems. As pointed out in the previous article, "10 security tips for all general-purpose OSes," shutting down unnecessary services (and closing...
- Tags: Grep, PPP, Network, Linux System, Service, Unix, Tool, Linux, Servers, Networking, Operating Systems, Open Source, Software, Hardware, Chad Perrin
- Blog posts 2008-04-23
- List open ports and listening services
- As mentioned in the article, "10 security tips for all general-purpose OSes," you should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Ten specific services for Microsoft Windows were mentioned in my later article, "10 services to...
- Tags: Linux Distribution, Network, FreeBSD, TCP, Unix System, Service, Tcp/Ip, UNIX, Operating Systems, Open Source, Linux, Networking, Software, Chad Perrin
- Blog posts 2008-04-15
- Penguicon 2008
- Penguicon 6.0: Three days of open source software and science fiction by Chad Perrin
- Tags: Penguicon, tech action, TechRepublic Inc., Open Source, Tools & Techniques, Management, Chad Perrin
- Image galleries 2008-05-05
- Use sSMTP to send e-mail simply and securely
- In my previous article, Use getmail to get e-mail simply and securely, I mentioned two opposing approaches to handling e-mail. On one side is the use of monolithic, fancy, massively multi-function ("feature rich"), GUI-fied mail clients like Microsoft's "personal information manager," Outlook. On the other is the computer...
- Tags: Server, Authentication, SMTP Server, sSMTP, sSMTP Tool, E-mail, E-mail Servers, Online Communications, Enterprise Software, Software, Chad Perrin
- Blog posts 2008-04-11
- Use getmail to get e-mail simply and securely
- Many computer users like using monolithic, fancy, massively multi-function, GUI-fied mail clients. This is particularly true of people whose workday tends to revolve around Microsoft Office and its "personal information manager" application, Microsoft Outlook. It's such a huge, integrated collection of functionality that it can't properly be called...
- Tags: Password, Server, E-mail Server, E-mail, E-mail Servers, Online Communications, Enterprise Software, Software, Chad Perrin
- Blog posts 2008-04-07
- Meet me at Penguicon
- Later this month, I'll be attending Penguicon, with laptop in tow. It's a combination Open Source Software and Science Fiction Fandom annual convention near Detroit, MI. If you like my writing and want to meet me in person to tell me about it, and have the...
- Tags: Security, Chad Perrin
- Blog posts 2008-04-03
- DRM and unintended consequences
- Back in November 2007, I hinted at the inherent problems of DRM software in the article Radiohead knows more than Microsoft about security. I didn't really address DRM itself in any detail, however. I'll address it now. Technical problems As you might have gathered from the...
- Tags: Digital-rights Management, Customer, Decryption, Content, AACS, Digital Rights Management (DRM), Digital Media, Security, Consumer Electronics, Personal Technology, Chad Perrin
- Blog posts 2008-04-01
- Security 101, Remedial Edition: Obscurity is not security
- I know I've addressed this security issue before -- many times, in fact. Apparently, it needs to be said again: Obscurity is not security! Arun Radakrishnan wrote about how Red Hat decided to open the source to its security certificate system in TechRepublic's IT News Digest blog,...
- Tags: Software, Security, Chad Perrin
- Blog posts 2008-03-28
- The importance of being encrypted
- People often complain that using encryption in email is too much work. Sometimes, it can be fraught with difficulty for the encryption novice. Managing public and private keys can be confusing at first, and getting someone at the other end to use encryption as well can sometimes be...
- Tags: Data, Server, Encryption, E-mail, Security, Online Communications, Chad Perrin
- Blog posts 2008-03-26
- Using GnuPG encryption tools with Gpg4win
- Last month, I wrote about using GnuPG on Unix and Linux systems. You can get OpenPGP functionality on your Microsoft Windows system with GnuPG as well, and I aim to explain how. There are several ways to get GnuPG for MS Windows. Among them are...
- Tags: Window, Microsoft Corp., Tool, GnuPG, Encryption Tool, Microsoft Windows, E-mail, Productivity, Construction, Operating Systems, Software, Online Communications, Chad Perrin
- Blog posts 2008-03-24
- The Big Brother Awards
- In Montreal, Canada, at the Computers, Freedom, and Privacy conference in May 2007, Privacy International presented the first International Big Brother Awards. The "winners" of the Big Brother Awards are, in the words of Privacy International: the government and private sector organisations which have done the...
- Tags: Nominee, Privacy International, U.K., ChoicePoint Inc., Wikipedia, Wiki, Government, Web Site Development, Online Communications, Internet, Chad Perrin
- Blog posts 2008-03-22
- What is cross-site scripting?
- Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. Many users, and even Web developers, aren't entirely clear on what the term means, however. I'll explain cross-site scripting for you, so you...
- Tags: XSS, JavaScript, Web Site, Web Browser, Exploit, Cross-site Scripting Exploit, Cookies, Web Site Development, Internet, Chad Perrin
- Blog posts 2008-03-18
- Ensure basic Web site security with this checklist
- While I normally advocate a principles-based approach to maintaining system security -- and deplore the typical "best practices" checklist approach -- that doesn't mean that security checklists are without value. Employing a security procedures checklist is only the first step toward securing a resource, a means of aiding your memory...
- Tags: Web, Password, Network, Failover, TLS, Server, Web Site, Resource, Encryption, Authentication, Login Credential, Web Site Development, Channel Management, Security, Internet, Marketing, Chad Perrin
- Blog posts 2008-03-13
- Use PuTTY as a secure proxy on Windows
- Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single most popular SSH client available for Microsoft's operating system platforms (and also available...
- Tags: Web, Network, SSH, Microsoft Windows, Unix, Wireless Network, PuTTY, Dialog Box, Networking, Wireless, Chad Perrin
- Blog posts 2008-03-10
