|[PINs på Post-it. Er det noe problem?]|
Friday, October 21, 2011
Tuesday, October 18, 2011
RFC 3207:SMTP Service Extension forSecure SMTP over Transport Layer Security
In a previous blog post entitled "STARTTLS support in Hotmail/Gmail", I requested these services to implement support for RFC 3207, in order to use automatic and transparent security at the "back side" of their services, when available. I doubt I'm the reason here, but Google now has support in place! (Hooray!)
Friday, October 14, 2011
"Unfortunately you have provided an old password. Your password was last changed yesterday at 07:52. If you don't remember making this change, please click here".
First thought: WTF does Facebook tell me this????
Second thought: Good, they seem to have some password history going on. Got to test that later on, by trying to change back to my old password. I guess they don't block that quite yet.
Third thought: This is good from a usability perspective. They've got quite a few users (...), this will make it easier for them to actually change their passwords whenever they feel the need to do so, and handle it afterwards.
Fourth thought: A bruteforce attack against known logins will eventually succeed, but it may also reveal one or more previously used passwords, enabling several methods of pattern-based password analysis to improve the chances of an attacker figuring out the correct password faster and with less attempts then from a blind start.
Tuesday, October 11, 2011
|[Bilde fra WahWah brosjyre]|
Jeg er gammeldags. Jeg har passert 40. Jeg har en tåpelig tendens til å ta i mot utfordringer fra jenter. Kristin er en av dem. Utfordringen kom for noen måneder siden; hun utfordret meg til å skrive et blogginnlegg om mote & skjønnhet og sånn. Jeg svarte at det var liksom ikke helt min greie, men dersom jeg gjorde det så måtte hun kvittere med en bloggpost om sikkerhet & sånn. Jeg gleder meg allerede! ;-)