bitwizzle
|
9 years ago
|
on: A US-born NASA scientist was detained at the border until he unlocked his phone
Now is the time for vendors to consider implementing a duress password. Upon entering your duress password the user is presented with a fake profile, or perhaps everything could just be wiped. I'm not sure how well this would play out in the real world, but it's one of the best things protections I could imagine if you want to carry sensitive data across borders.
bitwizzle
|
12 years ago
|
on: Heartbleed Alexa top 10000
It's not security by obscurity. It's security by diversity, which is arguably a good thing.
bitwizzle
|
12 years ago
|
on: Introducing Cover
Apps on your phone (that have the right permissions) already have the ability to do everything that this app does. Did you personally audit the source code/reverse engineer every app to find out whether it is abusing these privileges? Do you trust the author of every privileged app on your phone?
This is the reality of smart phones. The only difference with this app is that it is upfront about profiling you. Coverscreen has a lot to lose if it anyone finds out they are misusing your data. You should be more worried about apps that aren't telling you how you're being profiled/monitored.
bitwizzle
|
12 years ago
|
on: Adding Vi To Your Zsh
For those of us still using bash, "set -o vi" is analagous. I would be interested in hearing about customizing it in ways like this article.
bitwizzle
|
12 years ago
|
on: Switch to HTTPS Now, For Free
While it's true that you should disable compression, most browsers disable it client-side now so this isn't a huge issue. As for BREACH, HTTP compression has a huge performance benefit, so it's not really feasible to disable it. Unfortunately, it's pretty difficult to protect the attack using other methods.
