Skip to main content

Home/ Groups/ Information Security
Rss Feed
Sort By: Most Recent | Popular Filter: All | Bookmarks | Topics Simple Middle
Rich Hintz

Open CRS - CRS Reports for the People - 2 views

opencrs.com/R40161

hipaa security

shared by Rich Hintz on 16 Mar 10 - Cached
  • Rich Hintz on 16 Mar 10
     
    The Health Information Technology for Economic and Clinical Health (HITECH) Act
Rich Hintz

http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf - 2 views

www.usenix.org/...Wei.pdf

storage ssd security

shared by Rich Hintz on 07 Mar 11 - No Cached
  • Rich Hintz on 07 Mar 11
     
    Reliably Erasing Data From Flash-Based Solid State Drives
Carlos Gomes

Welcome to CAcert.org - 1 views

www.cacert.org/index.php

assurance cryptography msia pki security

shared by Carlos Gomes on 13 Mar 07 - Cached
  • CAcert.org is a community driven, Certificate Authority that issues certificates to the public at large for free. CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically with the X.509 family of standards. We have compiled a document base that has helpful hints and tips on setting up encryption with common software, and general information about Public Key Infrastructures (PKI). For the enthusiast looking to dip their toe in the water, we have an easy way of obtaining certificates you can use with your email program. You can use these not only to encrypt, but to prove to your friends and family that your email really does come from you. For administrators looking to protect the services they offer, we provide host and wild card certificates which you can issue almost immediately. Not only can you use these to protect websites, but also POP3, SMTP and IMAP connections, to list but a few. Unlike other certificate authorities, we don't limit the strength of the certificates, or the use of wild card certificates. Everyone should have the right to security and to protect their privacy, not just those looking to run ecommerce sites. If you're extremely serious about encryption, you can join CAcert's Assurance Programme and Web of Trust. This allows you to have your identity verified to obtain added benefits, including longer length certificates and the ability to include your name on email certificates. CAcert Inc. is a non-profit association, incorporated in New South Wales Australia.
Seçkin Anıl Ünlü

How I would Hack your PC, Mac with USB HID - 1 views

feedproxy.google.com/~r/taranfx/~3/xD8CZ-NgwE8/pc-mac-usb-hid-hack?title=How I would Hack your PC, Mac with USB HID

hack usb hid hardware malware

shared by Seçkin Anıl Ünlü on 17 Apr 10 - No Cached
  • Seçkin Anıl Ünlü on 17 Apr 10
     
    We live in the world full of serpents, overlook things for seconds and you are bitten to death. Trojans, viruses, malware are everywhere. They find new
Seçkin Anıl Ünlü

Plugging the CSS History Leak at Mozilla Security Blog - 0 views

blog.mozilla.com/...plugging-the-css-history-leak

security web history mozilla online browsers privacy bugfix

shared by Seçkin Anıl Ünlü on 17 Apr 10 - Cached
  • History Sniffing
  • Links can look different on web sites based on whether or not you’ve visited the page they reference.
  • The problem is that appearance can be detected by the page showing you links, cluing the page into which of the presented pages you’ve been to. The result: not only can you see where you’ve been, but so can the web site!
  • ...18 more annotations...
  • The most obvious fix is to disable different styles for visited versus unvisted links, but this would be employed at the expense of utility: while sites can no longer figure out which links you’ve clicked, neither can you.
  • David Baron has implemented a way to help keep users’ data private while minimizing the effect on the web, and we are deploying it to protect our users.
  • The biggest threats here are the high-bandwidth techniques, or those that extract lots of information from users’ browsers quickly.
  • The JavaScript function getComputedStyle() and its related functions are fast and can be used to guess visitedness at hundreds of thousands of links per minute.
  • we’re approaching the way we style links in three fairly subtle ways:
  • Change 1: Layout-Based Attacks
  • First of all, we’re limiting what types of styling can be done to visited links to differentiate them from unvisited links.
  • can only be different in color
  • the CSS 2.1 specification takes into consideration how visited links can be abused:
  • implement other measures to preserve the user’s privacy while rendering visited and unvisited links differently
  • Change 2: Some Timing Attacks
  • we are changing some of the guts of our layout engine to provide a fairly uniform flow of execution to minimize differences in layout time for visited and unvisited links.
  • when the link is styled, the appropriate set of styles is chosen making the code paths for visited and unvisited links essentially the same length.
  • Change 3: Computed Style Attacks
  • JavaScript is not going to have access to the same style data it used to.
  • Firefox will give it unvisited style values.
  • it’s the right trade-off to be sure we protect our users’ privacy.
  • fixing CSS history sniffing will not block all of these leaks. But we believe it’s important to stop the scariest, most effective history attacks any way we can since it will be a big win for users’ privacy.
Rich Hintz

HITECH Act Enforcement Interim Final Rule - 0 views

www.hhs.gov/...hitechenforcementifr.html

hipaa security

shared by Rich Hintz on 16 Mar 10 - Cached
  • Rich Hintz on 16 Mar 10
     
    HITECH HIPAA
1 - 20 Next › Last »
Showing 20 items per page