Many people think that Microsoft is still the source of vulnerabilities to viruses and exploits on their computers. This is no longer the case as improvements to Microsofts security model and Windows Update have significantly lowered the threat level of Microsoft products over the last few years. While you are still very vulnerable if using very old products that are no longer updated, like Windows 2000 or Windows NT4, new Windows versions like Windows 7, Vista, 2008 (and to a lesser extent XP) are far more secure than all of their previous operating systems. They are beginning to shake their reputation for insecure software.
The number one threat to any PC right now lies in Java. There are huge lists of vulnerabilities and exploits released by security analysts on a near weekly basis. These items sometimes go unpatched and exploited for months before a patch is released, and non-savvy users may not even keep their Java up to date, exposing them to more vulerabilities, longer.> read more
The Advanced Encryption Standard is the de-facto method for securing your data on the internet today. Encryption is a method of "encoding" your data, using a special code called a key, and a complex mathematical operation, to make your data unreadable to anyone without said key. Cracking AES encryption requires you to be able to "guess" the key. Now, guessing a simple key would be easy. A key using a single bit would be a single binary digit. Which is a "1" or a "0". However, the difficulty grows as the length of the key grows. A 5-bit key would have 32 possibilities. This is because for each bit you add, you are doubling the complexity of the key.
The 5-bit key could have the following possible values:
00000 00001 00011 00111 01111 11111
00010 00110 01110 11110 00100 01100
We will start off with one of the biggest stories of this year. The launch of Kim Dotcoms Mega. In a response to the government takedown of Megaupload, Kim Dotcom and an army of lawyers and security experts have developed Mega, located at Mega.co.nz. The site is quite ingenius in its application, because contrary to Megaupload, Mega does not have access to users data in any digestable form. Even the administrators of the site cannot decrypt the data stored on their servers, because it is encrypted client side before upload, and the key to decrypt the code is not stored on the servers.
This in essence absolves Mega of any responsibility for the sites content. It is controlled entirely by the users, who agree not to pirate anything when they sign up for an account.
This blog will follow the march of technology, and the ever changing landscape of Network and IT Security. As computing power increases and networks get more and more integrated into our lives, the security of our data is rapidly becoming the number one vulnerability in a persons life. Your neighbors are no longer the most likely people to be stealing from you or manipulating you. People from all over the globe can make skilled and deliberate attempts to steal from you, invisibly, from worlds away. This blog will follow the breakthroughs and setbacks of security and keep you up to date on how to keep your data safe.> read more