Trustworthy Internet Movement - Blog - SSL Pulse - To Make SSL More Secure and Pervasive
On @unaaldia: New keylogger for Android based on the phone's movement

Failing with passwords

Did a talk about implementing password security right last night at Five Minutes of Fame.

(Source: tersesystems.com)

Extension: Password reuse visualizer from Mozilla
Via @schneierblog: Crypto shocker: four of every 1,000 public keys provide no security (updated)

More at http://www.schneier.com/blog/archives/2012/02/lousy_random_nu.html
“The cause of this is almost certainly a lousy random number generator used to create those public keys in the first place. This shouldn’t come as a surprise. One of the hardest parts of cryptography is random number generation. It’s really easy to write a lousy random number generator, and it’s not at all obvious that it is lousy. Randomness is a non-functional requirement, and unless you specifically test for it — and know how to test for it — you’re going to think your cryptosystem is working just fine. (One of the reporters who called me about this story said that the researchers told him about a real-world random number generator that produced just seven different random numbers.) So it’s likely these weak keys are accidental.”

Keys//Passwords disclosure@dazzlepod

Image-based passwords: Microsoft’s “Picture Password”: A Breath Of Fresh Air On The Lock Screen, Of All Places | TechCrunch
Apple patents a password recovery system that uses the power adapter. Via @jagelado:

Apple patents a password recovery system that uses the power adapter.
(via Apple patent application details password-protecting power adapters | iPhone Atlas - CNET Reviews)

"When PuTTY has sensitive data in memory and has no further need for it, it should wipe the data out of its memory, in case malware later gains access to the PuTTY process or the memory is swapped out to disk or written into a crash dump file. An obvious example of this is the password typed during SSH login; other examples include obsolete session keys, public-key passphrases, and the private halves of public keys."

PuTTY vulnerability password-not-wiped

(Be careful with sensitive variables in programs)

Google Remembers Your Old Passwords
I don't think it remembers the passwords, but rather the ‘hashes’ or digests of the passwords, which is not the same thing. In any case, it's good to know….
