Digital Consumption - Tagged: Securityhttp://digitalconsumption.com/Charles Darke's Personal Websiteen-gbSat, 08 Mar 2008 01:09:30 +0000Sat, 08 Mar 2008 01:09:30 +0000Copyright 2005-2006, Digital Consumption.600Blowfish shadow files on Debianhttp://digitalconsumption.com/forum/615-Blowfish-shadow-files-on-DebianInstructions on how to get blowfish shadow files on Debian. Note for future reference. [Continued: <a href="http://digitalconsumption.com/forum/615-Blowfish-shadow-files-on-Debian"> Blowfish shadow files on Debian</a>]nospam@example.com (Charles Darke)Sat, 08 Mar 2008 01:09:30 +0000http://digitalconsumption.com/forum/615-Blowfish-shadow-files-on-DebiansecuritydebianblowfishpamNet vigilantismhttp://digitalconsumption.com/forum/594-Net-vigilantismChris Anderson got fed up of PR people sending him 'spam' and has decided to engage in some <a href="http://www.longtail.com/the_long_tail/2007/10/sorry-pr-people.html">net vigilantism</a> by publishing their emails to be harvested by spam bots. The problem with this sort of lynch mob justice is the same as real-life lynch mob justice: it can be disproportionate and done in the heat of the moment. [Continued: <a href="http://digitalconsumption.com/forum/594-Net-vigilantism"> Net vigilantism</a>]nospam@example.com (Charles Darke)Wed, 31 Oct 2007 23:13:38 +0000http://digitalconsumption.com/forum/594-Net-vigilantismsecuritynet-vigilantismspamWhy relying on correct user behaviour cannot prevent phishinghttp://digitalconsumption.com/forum/Why-relying-on-users-cannot-prevent-phishingThis <a href="http://www.usablesecurity.org/emperor/">study</a> showed that 92% of the people surveyed entered their passwords even when a security picture was not displayed.<br><br>Although this is a small sample, I think it confirms a widely held belief amoung security experts that security measures that rely on correct user behaviour for security are not effective. [Continued: <a href="http://digitalconsumption.com/forum/Why-relying-on-users-cannot-prevent-phishing">Why relying on users cannot prevent phishing</a>]nospam@example.com (Charles Darke)Tue, 06 Feb 2007 16:35:22 +0000http://digitalconsumption.com/forum/Why-relying-on-users-cannot-prevent-phishingsecurityA simple solution to OpenID phishing attackshttp://digitalconsumption.com/forum/A-simple-solution-to-OpenID-phishing-attacksI'm currently testing a simple fix to prevent phishing attacks on OpenID from malicious relying parties.<br><br>The idea is simple: I have a static IP address and so instead of asking for a password, I've modified an IdP to authorise by checking my IP instead of requesting a password. This has the obvious disadvantages of requiring a static IP and limiting you to posting from home. [Continued: <a href="http://digitalconsumption.com/forum/A-simple-solution-to-OpenID-phishing-attacks">A simple solution to OpenID phishing attacks</a>]nospam@example.com (Charles Darke)Tue, 23 Jan 2007 22:31:28 +0000http://digitalconsumption.com/forum/A-simple-solution-to-OpenID-phishing-attacksphpcodeopenidsecurityFirst Direct are Phishershttp://digitalconsumption.com/forum/First-Direct-are-Phishers"Never give your details out!", they warn. Then they cold call me and ask to verify my details... [Continued: <a href="http://digitalconsumption.com/forum/First-Direct-are-Phishers">First Direct are Phishers</a>]nospam@example.com (Charles Darke)Thu, 10 Aug 2006 20:00:29 +0100http://digitalconsumption.com/forum/First-Direct-are-PhisherssecurityVMWare Virtual Appliances Trojan Threathttp://digitalconsumption.com/forum/VMWare-Virtual-Appliances-Trojan-ThreatDoes the distribution of pre-packaged virtual machines pose a security threat? [Continued: <a href="http://digitalconsumption.com/forum/VMWare-Virtual-Appliances-Trojan-Threat">VMWare Virtual Appliances Trojan Threat</a>]nospam@example.com (Charles Darke)Sat, 05 Aug 2006 22:27:33 +0100http://digitalconsumption.com/forum/VMWare-Virtual-Appliances-Trojan-Threatvirtualizationsecurity