Monday, November 30, 2009

norbt

I was reading my RSS feeds recently (which I have not accessed for weeks due to being busy) and 'norbt' caught my attention. norbt , as described on it's webpage, is a webpage containing encrypted text and you need a key / answer to decrypt it like how you do encryptions. norbt's webpage is: https://norbt.com/.

It's a cool piece of technology. How relevant is it... it depends. I personally would use logins and servlets with HTTPS if I want users to access confidential or secret data. But if I want a quick encrypted page to be up, maybe I would consider using norbt.

Friday, November 6, 2009

SSL v4 / TLS v2 ?

SSL/TLS are being fixed. So I guess soon we would see v4 of SSL and v2 of TLS ? The problem is said to be in the protocol so a fix in the protocol is needed.

Read: http://arstechnica.com/security/news/2009/11/https-ssl-attack-vector-discovered-fix-is-on-the-way.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

Let's hope such bugs don't occur. Imagine what happens if some attacker or even terrorists manage to use the weaknesses in these 'secure' protocol and bring critical national and worldwide infrastructutres to it's knees before anyone can fix it.

The solution: always do regular evaluation on security for those who don't do it and always make 200% sure your IT stuff are really secure and robust.

LHC Shut Down Again ? By Baguette-Dropping Bird

Read: http://science.slashdot.org/story/09/11/06/0824213/LHC-Shut-Down-Again-mdash-By-Baguette-Dropping-Bird

Maybe the universe doesn't want us to find out about the true secrets of the world ? Imagine if everyone of us knew it, everyone could use it... then we would not be walking... we would be levitating... we would not need to live by the laws of this universe. Why are we here in the first place if we can defy the laws of this world ? Doesn't that defy our very existance ?

Thursday, November 5, 2009

Is online transactions safe ?

In computing history, there are many attacks against online transactions. There are failures and successes. Those who succeed made huge headlines and those failed are mostly hidden away or just fade off. Online transactions have always been very vulnerable because you have no way of knowing who you might be doing a transaction with. What if someone managed to spoof off their identity ?

Whether it is human error or computing error causing transactions online to fail, online transactions are always dangerous because of many unknown danger factors like trying to confirm the identity of the person you are doing transactions with and how trustworthy the other entity is. Is the other entity secure too besides yourself ? Are you actually secured...

Recently, a loophole in SSL/TLS have been found since September 2009. Imagine how many attacks could have occured using the loophole up till now, nothing have been published to seal the loophole.

Read: http://www.theregister.co.uk/2009/11/05/serious_ssl_bug/

This is big and very serious. I have never trusted online transactions. They are flawed. Imagine you use a service provider as your middle man and 'he' betrays your trust... you are definitely 'finished'.

I personally still think that online transactions are a danger to highlyu confidential stuff. I do rather personally communicate and meet the person in person than do it over the Net.

A bad hair day...

I guess I am having a bad hair day or whatever... since I am just whining all day and criticizing everything since somehow nothing can really appeal to me today.

I thought I would play around with the policy tool on my new and shiny Ubuntu 9.10 but the GUI just sucks. It's AWT... it's ugly, badly designed and sucks.

Apple's playing cat and mouse games with hackers who hack apple stuff and release stuff like jailbreaks for iPhones and Hackintosh. Why don't they stop their own trouble of playing cat to catch those mice, just charge them in court with lawsuits (something similar to pirate bay) and get the public to hate Apple for a while since their 'beloved heroes' are sued but hey, that saves them all the trouble playing 'cat'. Just let some people hate you for a while but you do save your own ass playing 'cat' right and whoever tries to do hackings on Apple, just sue them. That's what the court is for. Oh... and sue Palm too for trying to spoof off it's USB to attempt fooling iTunes... Just sue everyone whose against Apple. It do make life far easier and give those lawyers some money to earn..

Some music industries keep blaming P2P for the bad sales of their records but all they can think of is playing head on battle. They aren't creative enough to use other ways of dealing with the issue and also are good at making a bad name for themselves.

Yeah... I guess I am really having a bad hair day judging by those post above I made.