threedaymonk + security 75
MI5 warn open-plan offices ‘raise bomb risk’
9 days ago by threedaymonk
See? I told you they were a bad idea.
work
office
safety
security
9 days ago by threedaymonk
Shearing FireSheep with the Cloud | Stratum Security Blog
4 weeks ago by threedaymonk
Instructions for setting up your own VPN.
vpn
ec2
aws
security
linux
4 weeks ago by threedaymonk
Strong Parameters
10 weeks ago by threedaymonk
‘With this plugin Action Controller parameters are forbidden to be used in Active Model mass assignments until they have been whitelisted.’
rails
security
webdev
10 weeks ago by threedaymonk
Brakeman
november 2011 by threedaymonk
‘Static analysis security scanner for Ruby on Rails’.
ruby
rails
security
xss
webdev
november 2011 by threedaymonk
Password Policies are Getting Out of Control
august 2011 by threedaymonk
‘In fact, I think I have found the most difficult password policy in existence today.’
security
webdev
usability
august 2011 by threedaymonk
SSH Tunnel
may 2011 by threedaymonk
Android app to facilitate using the internet through an SSH tunnel.
android
ssh
security
may 2011 by threedaymonk
The Weakest Link
february 2011 by threedaymonk
Why do websites insist on accounts and passwords? If the password can be trivially reset by email, then they should offer email as an authentication mechanism.
webdev
authentication
security
passwords
february 2011 by threedaymonk
My Trousers and Airport Security
february 2011 by threedaymonk
Read this before some ‘security’ goon tries it on with you on your next flight.
security
airports
airline
travel
freedom
february 2011 by threedaymonk
Prey
january 2011 by threedaymonk
An open-source anti-theft tracking system for laptops and mobile phones. Works with Linux and Android.
security
android
linux
tracking
january 2011 by threedaymonk
LittleBlackBox
january 2011 by threedaymonk
‘[A] collection of thousands of private SSL and SSH keys extracted from various embedded devices.’
ssl
tls
cryptography
security
january 2011 by threedaymonk
BrokenGlass
september 2010 by threedaymonk
A password store for teams. Works on the principle that anyone with credentials can obtain a password if needed, but access is recorded.
security
passwords
ruby
rails
september 2010 by threedaymonk
The TSA Blog: There Are No Children on the No Fly or Selectee Lists
january 2010 by threedaymonk
Propaganda fail. Taken apart in the comments.
tsa
travel
airport
security
propaganda
january 2010 by threedaymonk
The 'Israelification' of airports: High security, little bother
december 2009 by threedaymonk
Very interesting. How to do airport security properly.
travel
airport
security
israel
december 2009 by threedaymonk
I’m sorry but we blew up your laptop (welcome to Israel)
december 2009 by threedaymonk
In what possible way is this a sensible or proportionate reaction?
security
israel
airport
wtf
december 2009 by threedaymonk
Slowloris HTTP DoS
june 2009 by threedaymonk
Ties up an HTTP server by setting up multiple partial connections and keeping them alive, preventing the server from responding to other traffic.
http
apache
perl
dos
network
security
june 2009 by threedaymonk
A Rails Security Flaw - Destroying The Audit Trail
april 2009 by threedaymonk
‘One of [the new features in 2.3] was the ability to set the created_at/updated_at time-stamped columns manually. Now, why anybody would want to do this currently escapes me.’ Me too.
rails
ruby
security
commented
april 2009 by threedaymonk
Adeona: A Free, Open Source System for Helping Track and Recover Lost and Stolen Laptops
march 2009 by threedaymonk
‘Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service.’ Seems like it's not quite ready yet, though.
security
computing
theft
march 2009 by threedaymonk
Overwriting Hard Drive Data
february 2009 by threedaymonk
‘The fallacy that data can be forensically recovered using an electron microscope or related means needs to be put to rest.’
computing
storage
hdd
security
february 2009 by threedaymonk
French fighter planes grounded by computer virus
february 2009 by threedaymonk
No one should run Windows. Especially not the military.
security
microsoft
france
military
virus
february 2009 by threedaymonk
How to uninstall Microsoft .NET Framework Assistant from Firefox
february 2009 by threedaymonk
Microsoft is now installing Firefox extensions on the sly as part of system updates. Slimy.
microsoft
firefox
windows
security
february 2009 by threedaymonk
Interview with an Adware Author
january 2009 by threedaymonk
‘Matt Knox, a talented Ruby instructor and coder, talks about his early days designing and writing adware for Direct Revenue.’
programming
security
adware
ruby
interview
january 2009 by threedaymonk
Bug 460374 – All certificates show not trusted - get error code (MITM in-the-wild)
november 2008 by threedaymonk
A great example of how security warnings don't work.
mitm
security
firefox
usability
november 2008 by threedaymonk
Schneier on Security: The Two Classes of Airport Contraband
september 2008 by threedaymonk
I wish Bruce made the rules instead of the idiots who currently do it.
security
politics
travel
airline
airport
stupid
september 2008 by threedaymonk
StartSSL™ Certificates & Public Key Infrastructure
july 2008 by threedaymonk
Free SSL certificates.
https
ssl
security
free
july 2008 by threedaymonk
No t-shirt, no flight
may 2008 by threedaymonk
A new nadir in airport security theatre. Wearing a t-shirt with a picture of a fictional robot holding a gun? You’re not allowed to fly from Heathrow T5.
uk
travel
airport
wtf
security
may 2008 by threedaymonk
Airport Security
april 2008 by threedaymonk
A game where you keep the skies safe by removing arbitrary items from passengers. Just like the real thing!
flash
games
security
travel
humour
april 2008 by threedaymonk
Experts hack power grid in no time
april 2008 by threedaymonk
Some things really ought not to be on the public interwebs.
security
april 2008 by threedaymonk
CCC publiziert die Fingerabdrücke von Wolfgang Schäuble [Update]
march 2008 by threedaymonk
Great hack: publishing the fingerprints of the German Interior Minister as a strike against biometrics.
security
politics
biometrics
march 2008 by threedaymonk
PIN Entry Device (PED) vulnerabilities
february 2008 by threedaymonk
As might have been expected, chip-and-PIN isn't as secure as the banks would have you think.
security
business
crime
chipandpin
smartcards
banking
february 2008 by threedaymonk
Zero Sign On - 1 better or Infinitely better than Single Sign On?
february 2008 by threedaymonk
Dr Nic introduces a useful discovery.
browser
security
openid
february 2008 by threedaymonk
Compromising Reflections: How to read Computer Monitors around a Corner
february 2008 by threedaymonk
Look at something shiny through a telescope.
security
optics
february 2008 by threedaymonk
Microsoft wants to worm its way into your PC
february 2008 by threedaymonk
'Microsoft is [...] hoping to use friendly "worms" to distribute software patches surreptitiously.' Yeah, that'll end well.
microsoft
security
stupid
february 2008 by threedaymonk
Using autofs for GPG keys on a USB stick
february 2008 by threedaymonk
Stop spies, criminals, and US customs agents from stealing your data.
linux
crypto
security
february 2008 by threedaymonk
Protecting custom SQL in Rails from SQL injections
january 2008 by threedaymonk
How to use placeholders in full-custom SQL. I've griped about the absence of this for ages.
ruby
rails
activerecord
sql
webdev
security
reevoo-developer
january 2008 by threedaymonk
shimmer
january 2008 by threedaymonk
An interesting alternative to port-knocking.
firewall
network
linux
security
january 2008 by threedaymonk
The Airport Security Follies
december 2007 by threedaymonk
I know it’s bullshit; you know it’s bullshit; pilots know it’s bullshit: but when will the idiots who make up these stupid rules realise?
travel
airline
security
stupid
december 2007 by threedaymonk
Bruce Schneier Blazes Through Your Questions
december 2007 by threedaymonk
Q&A-style interview on the Freakonomics blog.
security
computing
economics
infosec
december 2007 by threedaymonk
Aircrack-ptw main
october 2007 by threedaymonk
How to use aircrack-ptw and other tools to find a WEP key in minutes.
linux
wireless
security
howto
october 2007 by threedaymonk
Government Official Uses Homeland Security Data To Stalk Ex-Girlfriend
september 2007 by threedaymonk
A cautionary tale for those who still believe ‘nothing to hide, nothing to fear’.
security
liberty
freedom
society
september 2007 by threedaymonk
The Biggest Ever BitTorrent Leak: MediaDefender Internal Emails Go Public
september 2007 by threedaymonk
I think the word they’re looking for is ‘pwned’.
email
bittorrent
wow
internet
security
copyright
p2p
september 2007 by threedaymonk
Confirmed: Microsoft is fiddling with system files without permission
september 2007 by threedaymonk
That’s what you get for running a third-rate operating system from a convicted monopolist.
microsoft
windows
security
privacy
september 2007 by threedaymonk
‘Vatican air’ passengers’ holy water confiscated
august 2007 by threedaymonk
The so-called security restrictions are stupid, but in this case I can’t help but laugh!
religion
travel
security
stupid
august 2007 by threedaymonk
'Taleban-like beard' sees Metallica frontman detained at airport
july 2007 by threedaymonk
Airport security is stupid.
security
stupid
humour
july 2007 by threedaymonk
Yould: the smart name generator
june 2007 by threedaymonk
Generates pronounceable random words.
security
random
june 2007 by threedaymonk
New controversial default Rails session storage: cookies
february 2007 by threedaymonk
Another questionable decision.
ruby
rails
security
webdev
february 2007 by threedaymonk
Schneier on Security: DRM in Windows Vista
february 2007 by threedaymonk
Windows Vista ‘will make your computer less reliable and less secure.’
microsoft
drm
windows
security
february 2007 by threedaymonk
The cost of monoculture
january 2007 by threedaymonk
Think Microsoft’s monopoly is bad? It could be worse. You could live in South Korea.
open-source
ie
windows
korea
security
monopoly
january 2007 by threedaymonk
Gmail Bug: Your Gmail Contact List is Being Expose to Spammers
january 2007 by threedaymonk
You might want to log out of Google services until they fix this.
google
security
privacy
bug
gmail
january 2007 by threedaymonk
Sun redefines randomness
november 2006 by threedaymonk
Sun Java’s java.util.Random.nextLong() is not random!
programming
java
security
random
bug
november 2006 by threedaymonk
Asians thrown off flight
november 2006 by threedaymonk
Once again, a reactionary bigot succeeds in getting four people marched off a plane for wearing Islamic dress and not speaking English.
stupid
security
racism
airline
travel
november 2006 by threedaymonk
artificial ignorance: how-to guide
september 2006 by threedaymonk
Filter the boring stuff out of logs, and you'll notice the unusual, interesting events.
security
howto
september 2006 by threedaymonk
Schneier on Security: Human/Bear Security Trade-Off
august 2006 by threedaymonk
‘There is considerable overlap between the intelligence of the smartest bears and the dumbest tourists.’
security
humour
august 2006 by threedaymonk
Bruce Schneier Facts
august 2006 by threedaymonk
‘Bruce Schneier’s secure handshake is so strong, you won’t be able to exchange keys with anyone else for days.’
humour
security
august 2006 by threedaymonk
DieHard
august 2006 by threedaymonk
‘DieHard can take some buggy programs and make them bug-free (or close to it).’
c
programming
memory
security
august 2006 by threedaymonk
Oedipus Web Scanner Project
february 2006 by threedaymonk
Security analyser for web apps (written in Ruby).
ruby
security
webdev
february 2006 by threedaymonk
XSS Cheat sheet
december 2005 by threedaymonk
Lots of cross-site scripting attacks.
webdev
security
reference
programming
hack
december 2005 by threedaymonk
Airline Security a Waste of Cash
december 2005 by threedaymonk
Bruce Scheier is right again.
security
liberty
freedom
privacy
december 2005 by threedaymonk
DenyHosts
september 2005 by threedaymonk
At last! A way to deal with the pesky hackers trying to brute-force their way in.
security
ssh
linux
september 2005 by threedaymonk
The Shape of Days: Violence of the electronic kind
april 2005 by threedaymonk
Yes Virginia, there are nasty hackers out there—but security is the administrator's responsibility
osx
internet
security
april 2005 by threedaymonk
related tags
activerecord ⊕ adware ⊕ airline ⊕ airport ⊕ airports ⊕ android ⊕ apache ⊕ authentication ⊕ aws ⊕ banking ⊕ biometrics ⊕ bittorrent ⊕ browser ⊕ bug ⊕ business ⊕ c ⊕ cancer ⊕ chipandpin ⊕ commented ⊕ computing ⊕ copyright ⊕ crime ⊕ crypto ⊕ cryptography ⊕ dos ⊕ drm ⊕ ec2 ⊕ economics ⊕ email ⊕ energy ⊕ firefox ⊕ firewall ⊕ flash ⊕ france ⊕ free ⊕ freedom ⊕ games ⊕ gmail ⊕ google ⊕ hack ⊕ hdd ⊕ howto ⊕ http ⊕ https ⊕ humour ⊕ ie ⊕ infosec ⊕ internet ⊕ interview ⊕ israel ⊕ java ⊕ javascript ⊕ korea ⊕ liberty ⊕ linux ⊕ locks ⊕ memory ⊕ microsoft ⊕ military ⊕ mitm ⊕ monopoly ⊕ network ⊕ no2id ⊕ office ⊕ open-source ⊕ openid ⊕ optics ⊕ osx ⊕ p2p ⊕ passwords ⊕ peak-oil ⊕ perl ⊕ politics ⊕ privacy ⊕ programming ⊕ propaganda ⊕ proxy ⊕ racism ⊕ radiation ⊕ rails ⊕ random ⊕ reevoo-developer ⊕ reference ⊕ religion ⊕ reversing ⊕ ruby ⊕ safety ⊕ sandbox ⊕ satire ⊕ scanner ⊕ search ⊕ security ⊖ smartcards ⊕ society ⊕ socks ⊕ sony ⊕ sql ⊕ ssh ⊕ ssl ⊕ storage ⊕ stupid ⊕ terrorism ⊕ theft ⊕ tls ⊕ tracking ⊕ transport ⊕ travel ⊕ tsa ⊕ uk ⊕ usability ⊕ virus ⊕ vpn ⊕ webdev ⊕ windows ⊕ wireless ⊕ work ⊕ wow ⊕ wtf ⊕ xss ⊕Copy this bookmark: