search
top

When Organizations Do Not Use Email Encryption

When Organizations Do Not Use Email Encryption

For this article, I had originally written it a few months ago. However, I didn’t get the chance to post it at that time. And, in a fortunate and positive way it turns out that my post will be some what less relevant than originally intended for the readers. When I initially had started this article, I had noticed an issue which seems to crop up anytime I am working with an organization. Many important organizations still lack basic security tools and options. In the example of this article, it looks into the lack of use of email encryption and secure email systems.

Now before I get into the nitty gritty stuff I want to list out a disclaimer. Everything I conduct, list, and discuss on my blog is and has always been for educational purposes. None of my articles are made or should be used to attack machines out there. All information on my blog is for the better purpose of learning better security methods.

Disclaimer

Now this article is not meant to bash government organizations in any way what so ever. This article is here to teach that any and all types of organizations can easily lack basic security measures. (more…)

Why No Padlock?

SSL Scanning Websites

So today, I came across a website that does a quick SSL test on your website.

Anyone with a website should really be running this tool. I actually did find a few minor issues and was able to gather some info about it.

Our Results

Here is what we got for our results:

whynopadlock

whynopadlock

 

It’s looking good for us and especially since we have forced all our internal links to make use of HTTPS

I also wanted to list a bad result as shown below.

(more…)

Russia claims they can now collect crypto keys?

Russia and the Encrypted World

So in top news many have probably already heard of Russia claiming or at least pushing to break encryption.
The initiative is to push for a wide ranging surveillance law, which would allow them access to a whole heck lot of information.

The law calls for metadata and content to be stored for at least six months, plus access to encrypted services.
This means that they also want access to decrypt Whatsapp conversations/chats, Viber & Skype calls… etc… etc…

So how do they go about this now? (more…)

SSL Cert Options

SSL Certificates

To Start off, I am going to break this post into many parts.
This will be part 1

So lately, I have been looking at different SSL Cert options that are out there for your applications and machines.

Let’s face it unless you’re a small to large business you may not see a huge investment with SSL certs.

Personally, I think  it’s a general good practice most people should adopt it for everything.
I’ve seen some people complain that adding a layer of SSL decreases server performance.

In my opinion most machines these days are fairly powerful.
Or, at least powerful enough to take on something like SSL, so I don’t see that as a very valid excuse at all.

The main reason people may not wish to make use of SSL is due to the costs, or the lack of knowledge on how to properly make use of one.

And, my hope is to find a reliable SSL Cert CA, that also is reasonably priced and affordable for the average blog poster.

I found an interesting website that actually did an analysis on this issue awhile back.

(more…)

top