|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
Dragan_Glas
Team CC Chief Host
Chess Board Host
Joined: May 27, 2004
Posts: 2938
|
 Posted: Wed Aug 27, 2008 3:35 pm Post subject: BBC News - "Trusted Sites Thwart Net Attacks" |
|
|
Greetings,
This news article reports on a interesting addition/alternative to the current system of security certificates used by websites.
http://news.bbc.co.uk/1/hi/technology/7581949.stm
The paper's authors have released extensions for Firefox 3 (version 2 is no longer supported), Linux (64-bit), Apple MACs and Solaris.
See here
This may prove a useful item.
Kindest regards,
Dragan Glas
_________________
| Quote: | The only secure computer is one that's unplugged, locked in a safe, and buried 20 feet under the ground in a secret location... and I'm not even too sure about that one
Dennis Hughes, FBI |
|
|
| Back to top |
|
 |
Bill_Bright
General
Premium Member
Joined: Jan 16, 2004
Posts: 9048
Location: Nebraska, USA
|
| Posted: Sun Aug 31, 2008 6:10 pm Post subject: |
|
|
From that link: | Quote: | more and more people are visiting sites that lack these certificates or are connecting to the net via wireless access points where security can be lax.
The growing use of public wi-fi hot spots had made it very easy for hi-tech hackers to hijack and eavesdrop on web browsing sessions, said assistant professor David Andersen who helped to develop the defence. |
I tell people who insist (against my recommendations) to go WiFi to always keep an Ethernet connected computer for their most sensitive activities. This specifically includes shopping, taxes, banking. When truly point-to-point "RF", free from harmonics and without any compromising emanations or dispersions of the radio waves, then I might consider wireless for my systems. I draw from my early 70s radio maintenance days in the AF when TEMPEST, was drilled into every "Comm Troop's" head. I wince now at the explosion of WiFi use, especially in the home. And I place much blame on Linksys/Cisco, D-Link, NetGear, and all the other players, for making wireless connectivity so simple. Too many times infected users who were subsequently blocked by their ISPs, have said, "it connected the first time, so I didn't want to touch it!" With defaults being public knowledge, shame on the WiFi industry for allowing first time users connect, in the clear, and without forcing credential changes - all of which, IMO, should only be allowed by Ethernet - at least for initial setup.
If nearly 34 years working secure communications, 18 of that in Radios, has taught me anything, it is that there is no 100% secure "radio" communications. Unless the broadcast is contained in a "shielded" environment, you cannot ensure it cannot be intercepted, with the right equipment. Therefore, we must assume the radio frequency waves are being picked up by a badguy and so must do everything possible to secure the data on those waves.
That said, that is still not good enough - especially for apartment, dormitory, or crowded neighborhood dwellers. Any wannabe badguy can sit in the bushes, a parked car, the apartment next door, or the floor above or below, and find your wireless network. There is NO technology today that can make your wireless network undetectable. Period. Well, except the On/Off switch.
My point? If they are sitting in the next apartment, across the street, half a block away, or even a 1/2 mile away with a home-made directional antenna, they know where you live!!!!!! Or pretty darn close, depending on the population density of your neighborhood. How safe is that?
With Ethernet, they pretty much have to break into your house and attach another Ethernet cable to your router to hack your network. Then leave without leaving a trace.
The Complete, Unofficial TEMPEST Information Page
| Quote: | | "A lot of people wouldn't even know they've been attacked," said Dr Andersen. |
While true, it is just stating the obvious. I don't think "spyware" would be called "spy" anything if it immediately made its presence known. Only kiddie coders and wannebe badguys want that kind of attention. Most malicious coders do not want their code discovered so they strive to make it unnoticeable, doing its dirty deeds (DDoS, spam, propagating) while the undisciplined user plays on. What tends to happen is more and more malicious code is downloaded, and eventually, any computer will run out of resources.
_________________
 Bill, AFE7Ret
Freedom is NOT Free!
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
