A simple command generates a self signed certificate ready for use by your Ubuntu Apache server (already referenced to in sites-available/default-ssl) make-ssl-cert generate-default-snakeoil –force-overwrite After that, all you have to do is enable ssl.conf and ssl.load in mods-enabled, restart apache and your off and running! [ad name=”ssl_certificates”]
Tag: Security
How to Disable Credit Card RFID
I have an American Express Blue card which includes an RFID chip (because waving your card is so much easier than swiping it.) Unfortunately, if you have one of these (or a credit card with PayPass) your card is vulnerable. Fortunately, it’s easy to disable the RFID chip in your credit card. Here’s what I… Continue reading How to Disable Credit Card RFID
Fear == money
The 2009 budget for homeland security is $50 billion. The budget for the National Highway Traffic Safety Administration is about $1 billion. From the article: “We fund terrorism prevention at about $17,000,000/fatality (i.e., $50 billion/3,000 fatalities) and accident prevention at about $25,000/fatality (i.e., $1 billion/40,000 fatalities)” This is just one more example that the government’s… Continue reading Fear == money
AWS Security Whitepaper
Amazon just posted a security whitepaper which describes the security measures they have in place to protect their customers. It’s a short read (9 pages) and I strongly recommend it if you are using EC2, S3 or SimpleDB for anything. They explain their security measures and make recommendations for further protection their customers can put… Continue reading AWS Security Whitepaper
more spamming on linuxsecurity.com
Come on guys, get it right… I’m getting sick of this.
Linux(in)security.com
I was just going through all of my items in google reader (which includes linuxsecurity.com) and it looks like someone has managed to hack some spam into their newsfeed. I find it mildly entertaining that a site so focused on security is being used by spammers. Let me clarify that this abuse is most likely… Continue reading Linux(in)security.com
New version of AVG anti-virus available
For those of you that run AVG Free (free for personal use) there is a major update available. For those of you that don’t run any antivirus software on your computer – SHAME ON YOU! This new version includes anti-spyware, so if you have AVG’s anti-spyware (Ewido) installed, you’ll have to uninstall it first (go… Continue reading New version of AVG anti-virus available
Encryption passphrase protected under 5th amendment
This is kinda old news, but interesting anyway. According to this story, “A federal judge in Vermont has ruled that prosecutors can’t force a criminal defendant accused of having illegal images on his hard drive to divulge his PGP (Pretty Good Privacy) passphrase.” For those of you that don’t remember, this part of the 5th… Continue reading Encryption passphrase protected under 5th amendment
My interrupt-driven life
Here I am, peacefully working at my computer when I’m interrupted by a text message on my phone: ** PROBLEM alert – someserver.somewhere.com/SSH is CRITICAL ** That’s not a good thing. Hoping it’s a false alert, I try to ssh in. No luck. I try again. Still no luck. And a third time, Yes! I’m… Continue reading My interrupt-driven life
WordPress comment SQL injection attempt
I have comment moderation turned on for most of the blog sites I manage. As a result, if someone new comes in and posts a comment, I get a nice email letting me know that I need to approve it. Yesterday, I got one that said this: Author : Bill366758271′,’258878095billy@msn.com’,”,’171.85.174.159′,’2008-03-11 22:28:47′,’2008-03-11 22:28:47′,”,’0′,’lynx’,’comment’,’0′,’0′),(‘0’, ”, ”, ”,… Continue reading WordPress comment SQL injection attempt