Let’s have a look at who’s been trying to break into SSH service on my development server recently, and where in the world they’re attacking from. Since I implemented fail2ban to trap out these attempted dictionary attacks, it’s logged the network addresses of all the culprits. Here’s who got caught in recent activity:
Applications of TrueCrypt, Part 1: Encrypted CDs
I previously discussed the merits of disk encryption as a countermeasure against the physical theft of portable computers and the leakage of private and confidential records that could ensue. But Full Disk Encryption is just scratching the surface of what can be done; the concept can and should be extended to all types of storage media, including portable media. I am currently using TrueCrypt‘s encrypted file-container volume capabilities to create encrypted CD-R’s and USB memory sticks both as part of my own regular secure backup and data vaulting operations and in the implementation of secure backup and data portability solutions for my customers.
Recommended Practices for Browser Security and Privacy
Historically, advertisements were limited to operating in one direction: from your newspaper, radio, or television screen to you. Enter the full duplex, bidirectional intertubes, and now advertisers have a slew of lucrative new methods to target the awful nuisance of advertisements to you. The history of sites you visit and your search history (behavioral targeting), the content of the page you’re browsing at the time (contextual advertising), and potentially all sorts of demographic and personally characterizing information may be in scope depending on the application (think e.g. Facebook).
Full Disk Encryption Service Now Available
Having completed developing and testing a deployment procedure, I am pleased to make available to my customers a brand new service offering: Full Disk Encryption for laptops.
Network Intrusion Encounters and Countermeasures
Network intrusion threats ran rampant and unchecked on the internet, invisible to most users. You may see no apparent signs of the automatic probes directed at your computer network, arriving around the clock, scanning for potential entry points. But they are occurring, maybe right now. Any exposed service may be expected to be quickly discovered and subjected to attack.