The Carnegie-Mellon University (CMU) made available a Firefox extension developed at their School of Computer Science and College of Engineering that improves security in Firefox by protecting against man-in-the-middle attacks. The extension, named Perspectives, is available only for Firefox 3 and works on Windows, Linux (32-bit) and OS X (Intel), with support for Linux (64-bit) and Open Solaris being in the experimental stage of development.
A man-in-the-middle attack is performed by intercepting the traffic between a user and a resource that he is trying to access. This can be achieved by exploiting several vulnerabilities, like the latest DNS cache poisoning or GMail accounts hacking incidents show.
When accessing a server resource using secure protocols like SSL or SSH, a correct identification of the server is required. This is achieved through digitally signed certificates. Due to the fact that certificates issued by trusted authorities like VeriSign are expensive, it became common practice for small businesses and websites to use self-signed certificates. Read More»
Posted in Firefox | No Comments »
Gmail recently became more secure for users and now you can use the Gmail SSL (Secure Socket Layer) feature to enable HTTPS for a more secure connection online while accessing your email. But you have to enable the setting…
Secure Gmail Connection
How to enable default secure Gmail connection?
Login to Gmail > Go to Settings > General > Browser Connection
Browser Connection set to https will force a secure connection and is essential to keep your data safe and protect it from hijacking. It is essential particularly for those accessing Internet and gmail via public Wifi or non-encrypted networks. So if you routinely login via wireless internet at coffee shops, airports, college dorms, then you might need this additional layer of security.
But I see https when I login?
Gmail uses https to protect your password every time you log into Gmail, but they don’t use https once you’re in your mail unless you enable this setting. Read More»
Posted in Internet | No Comments »
January 07, 2008 by
Jason Securing data from web-based applications is just an aspect of keeping information safe. In this context, an encryption framework will do the trick of keeping sensitive data confidential. And this is where Secure Socket Layer and Transport Layer Security come into play, along with Apache. When it comes down to bridging open source technology with its proprietary Windows operating system, Microsoft has used Port25 as a source of resources, and illustrative examples involve Windows and Linux technical analyses such as Recovering Data from Windows systems by using Linux and Active Directory and Linux Identity Management.
Keeping in with this trajectory, the Redmond company has now made available yet another resources, this time focused on the integration of Apache with SSL on Windows. “Often SSL or TLS is required to secure data from web applications. Read More»
Posted in Linux, Windows Vista | No Comments »
