Vulnerability discovered in SSH specification

Monday, November 17th, 2008

According to the UK-based Centre for the Protection of National Infrastructure (CPNI), an error in the secure shell protocol (SSH) specification can in rare cases be exploited to reconstruct part of the plain text. According to their description of the error, the standard OpenSSH configuration allows 32 bits of plain ...

Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments

Once Thought Safe, WPA Wi-Fi Encryption Is Cracked

Friday, November 7th, 2008

Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks. The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will ...

Posted in Hardware, Internet, Networking, Privacy, Security | No Comments

TrueCrypt 6.1 encryption software released

Monday, November 3rd, 2008

TrueCrypt 6.1, the open source, cross platform disk encryption tool, now supports the encryption of non-system partitions under Windows Vista and Server 2008, without losing the existing data on that partition. However users need to choose "Create Volume/Encrypt a non-system partition/Standard volume/Select Device/Encrypt partition in place" to make use of ...

Posted in Internet, Privacy, Security, Software, Windows | No Comments

Firefox extension protects against man-in-the-middle attacks

Tuesday, August 26th, 2008

Researchers at Carnegie Mellon University have released an extension for Firefox 3 that can protect wireless network users from so-called "man-in-the-middle" attacks. The software, dubbed "Perspectives," is available for download for free. Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates Web addresses into ...

Posted in Internet, Networking, Privacy, Security | No Comments

Trend Micro session token insufficiently random

Monday, August 25th, 2008

Secunia, the security services provider, has issued a security advisory about a vulnerability in Trend Micro's OfficeScan 8.0 and Worry-Free Business Security 5.0 that makes it easier for attackers to take control of the web management of those products. According to Secunia, the web-based configuration interface uses a pseudo-random token ...

Posted in Internet, Privacy, Security, Software | No Comments

Copyright 2008-2024 PC Sympathy - Entries (RSS) - Sitemap