Posts Tagged ‘Security’

Content separation: lab.lonerunners.net

Sunday, November 16th, 2008

(photo credits: Cyb3rbl@ck)

Per rendere più ordinato e più facilmente leggibile questo blog ho deciso di separare tutti i contenuti riguardanti la sicurezza informatica e la ricerca in un’altra sezione, precisamente un dominio chiamato lab.lonerunners.net.

Le notizie più importanti saranno comunque commentate qui in italiano.

Tutti post in inglese e quello che io chiamo pillole di sicurezza informatica o security drugs da oggi avranno quindi una nuova casa, che potete visitare su lab.lonerunners.net oppure seguire via RSS feed.

What’s new in the Flash 10 security

Thursday, September 4th, 2008

The new version of Adobe Flash (actually 10 beta) has a variety of features and enhancements aimed to increase the security.

You can read a detailed article of Trevor McCaulery here: http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html

It seems that the Adobe security is based on:

  • require user interaction: to avoid automatic explotation and warn user about flash actions
  • new features that ovverride olds with a more secure implemtation

Cold Boot Attacks on Disk Encryption

Saturday, February 23rd, 2008

As i usually say, computer must be secure at all ISO/OSI layers starting from physical layer. If physical layer is not secure, there ins’t security.
Take a look at this research paper from Freedom to Tinker blog.

"Today eight colleagues and I are releasing a significant new research result.
We show that disk encryption, the standard approach to protecting
sensitive data on laptops, can be defeated by relatively simple
methods. We demonstrate our methods by using them to defeat three
popular disk encryption products: BitLocker, which comes with Windows
Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used
with Linux. The research team includes J. Alex Halderman, Seth D.
Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A.
Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.

Our site has links to the paper, an explanatory video, and other materials."

IT Security is Burning

Saturday, February 23rd, 2008

Web Application (In)Security Uncensored

Tuesday, November 13th, 2007

Oggi 13 novembre nell’ambito delle serate a tema del LUG Trieste, un talk sulle insicurezze del web, appuntamento alle 2030 a Trieste presso la Casa delle Culture di Ponziana in via Orlandini 38 (Visualizza su GoogleEarth, Istruzione su come arrivarci).

Web 2.0, Ajax, Javascript, Flash, una miriade di tecnologie per
aumentare le funzionalita` del moderno World Wide Web.
Una moltitudine di applicazioni e servizi sono fruibili con un semplice
web browser, tutto viene fatto con un web browser.
Bello e comodo, ma sicuro?
Panoramica sulle sicurezze, anzi insicurezze, delle moderne applicazioni
web.