Collection of useful, relevant or inane places on the Internets for 25 Mar 11:
- The Mac Security Blog » Protect Safari from Fraudulent Digital Certificates – By default OS X (and by extension, the Safari browser) does NOT have OCSP enabled to check for revoked certificates. And while OCSP isn’t much of a protocol and much reviled, you should enable it now since Comodo has been breached and has revoked some certificates. Here’s how.
Safari, however, doesn’t directly use the CRL or OCSP systems mentioned above; settings to activate this feature are found in Keychain Access. To do this, open Keychain Access; it is in the Utilities Folder in the Applications folder on a Mac. Choose Keychain Access > Preferences, then click on the Certificates tab. Set the first two options, for OCSP and CRL, to Best Attempt, and leave priority set to OCSP. This will tell Safari, or any other program that uses the built-in certificates on Mac OS X, to check these servers before accepting any SSL certificate on a web site.
- Why HuffPo’s British Empire Dreams Could Fall Flat: Tech News and Analysis « –
Meanwhile the British print and web news market — the area which proved the biggest gap for Huffington’s brand of news in the U.S. — is radically more competitive than America’s. Britain’s biggest non-tabloid newspaper, the Daily Mail, sells more copies every day in a nation of 61 million than USA Today manages to shift across the entire 52 states. The rest of the market is similarly inflated by comparison: on a per capita basis, the New York Times is smaller than every single one of Britain’s 11 nationally-available newspapers.
Surprising statistics. Also highlights that the British IT market is probably very different from the US, certainly the Telco market is. Food for thought.
- my80211.com – HOME – Fluke AirCheck – Gestalt IT Wireless TechField Day –
Fluke AirCheck is a dedicated WiFi handheld analyzer. It is extremely lightweight and gives you the typical “Fluke feel”. Fluke positions the AirCheck product as an entry WiFi handheld analyzer. Fluke designed AirCheck with one thing in mind “Keep it simple”!
Every field engineer who has a wireless network needs at least one of these. The company needs several WiSpy units from MetaGeek.net, and at least one AirMagnet. And someone who knows what they mean.
- YouTube – CCIE Exam with Jimmy Ray and Robb – As good a way as any to tell people about the CCIE program.
- Comodo’s SSL certificates: the underlying problem –
(Full disclosure: My company is a Comodo customer. I have not once had a “good experience” with them and I absolutely hate them with a passion.)
Good opinion from Jeremy Gaddis at Evil Routers. I agree, and it is good validation of a well-known topic. Comodo is not to be trusted as a certificate issuer, and yet the Internet trusts them. And people give them money – so wrong.
A couple of years ago, Eddy Nigg of StartCom Ltd., was able to obtain a legitimate certificate for mozilla.com, issued (again, no surprise) by a Comodo reseller:
Five minutes later I was in possession of a legitimate certificate issued to mozilla.com — no questions asked — no verification checks done — no control validation — no subscriber agreement presented, nothing.
- Cisco ASA Tech Specs Rev 8 – Cisco ASA Poster has been updated with approximate performance details for new models. Download and save to your hard drives, because the Cloud will delete it later (when you really need it and old models are not sold any more).
- Lenny Zeltser on Information Security — 7 Inconvenient Truths for Information Security –
Information security policies and corresponding controls are often unrealistic. They don’t recognize how employees need to interact with computer systems and applications to get work done. The result is a set of safeguards that provide a false sense of security.
When so-called security professionals say “if the business agrees to the risk and signs off it’s not a problem” then that is a problem. Lenny makes some good points and this is worth saving for future security work.
- Tech Field Day – MetaGeek | The Networking Nerd –
it was time for the real payoff – a demonstration of the flagship Wi-Spy DBx analyzer tool and the associated Chanalyzer Pro analysis software. The Tech Field Day delegates also received a Wi-Spy and copy of Chanalyzer Pro so that we could follow along with the geeks as they laid out their program and its capabilities.
Tom blogs in detail about the WiSpy at #TechFieldDay. As a result, I’m of the view that EVERY engineer should have a SpecAn tool. As a product sample, this is killer: it doesn’t cost a lot and works in Parallels / Fusion on the Mac.
- In Search of Tech | Looking for the next big thing. – Matthew Norwood moves off WordPress to his own site. Update your RSS feeds, lots of great content here.
- Enable Pinch/Zoom on Firefox 4 – Mac OS X Hints –
Firefox 4 disables two finger pinch/zoom gestures on a Mac. Here is how to make pinch/zoom work again.
I use this feature in Chrome and Safari all the time. Why disable it?
- Did file-sharing cause recording industry collapse? Economists say no –
“The music industry is performing better than is being claimed and declining sales can be explained by other factors in addition to illegal filesharing,” say Bart Cammaerts and Bingchun Meng of LSE’s Department of Media Studies. “The negative framing of the debate about file-sharing and copyright protection threatens to stifle the very same creative industry the Act aims to stimulate.”
This article comes to the conclusion that artists are making money by abandoning the studios and going direct to customers. The music industry is shrinking as costs are removed, and music competes with other leisure products such as games.
- Seth’s Blog: The triumph of coal marketing –
I think that any time reality doesn’t match your expectations, it means that marketing was involved. Perhaps it was advertising, or perhaps deliberate story telling by an industry. Or perhaps it was just the stories we tell one another in our daily lives. It’s sort of amazing, even to me, how much marketing colors the way we see the world–our reaction (either way) to this chart is proof of it.
Your lizard brain lets you down so often. When buying IT products, make sure you can detect the lies from the marketing department.
- Schneier on Security: RSA Security, Inc Hacked –
RSA Data Security, Inc. is probably pretty screwed if SecurID is compromised. Those hardware tokens have no upgrade path, and would have to be replaced. How many of the company’s customers will replace them with competitors’ tokens? Probably a bunch. Hence, it’s in RSA’s best interest for their customers to forget this incident as quickly as possible.
Bruce Schneier’s take on RSA being hacked. It’s all bad, RSA has lost trust and probably can’t get it back. If you have RSA SecurID tokens, you should regard them as compromised and insecure (until more information is available) and find another system immediately.