Security

Olivier Coudert on October 27th, 2013

CodeProjectAWS has made virtual machines (EC2) ubiquitous. You can launch and stop them as will, log into them, create new accounts, etc. Then you start digging into remote control for multiple users. How do I set up a ssh connection between my local client and a remote machine? Which key should I use? How do […]

Continue reading about How to: passwordless ssh

Olivier Coudert on January 26th, 2013

On Thursday I received the following  message on my phone. The message reads: WELLS FARGO ALERT: Your CARD starting with 4259 has been DEACTIVATED. Please call 650-443-5306. That was immediately suspicious. Neither the sender, (650) 739-9027, nor the phone number to call, were 800 numbers. Also usually one refers to a credit card with its […]

Continue reading about New scam: fake Wells Fargo text message

Olivier Coudert on September 29th, 2012

The other day I decided to get started with my long due tax returns. When browsing some of my bank statements, I noticed three recurrent monthly payments that I could not recognize. More bizarre was the fact that their where issued in USD, while the account is labeled in Euros. They showed as follows: I […]

Continue reading about Got hacked?

Olivier Coudert on July 19th, 2012

Apparently, you don’t need to be a big famous web site like the LinkedIn or Yahoo Voice to be the subject of attacks by hackers or malware.  I wanted to check out Avery Design this Thursday morning, and this is what I got: The explanation given by Google is below. Looks like the Avery guys […]

Continue reading about Avery Design blacklisted

You must know by now that 6.5 millions unsalted SHA-1 hashed passwords have been stolen from LinkedIn database, and it looks likely that the usernames were compromised too. So you already changed your password, right? If you didn’t, do it now. But even if you did change your password over the past two days, hackers […]

Continue reading about How to check if your LinkedIn password got stolen –and what to do if it did

Olivier Coudert on June 6th, 2012

Today 6.5 millions hashed password have been posted on a Russian hacker site. It is unclear whether the user names were compromised as well. But what was revealed is that LinkedIn keeps your password unsalted, hashed with SHA-1. Some explanations may be needed first to understand why this is relevant. Companies need to validate password. […]

Continue reading about Unsalted LinkedIn leaves a bad taste

Olivier Coudert on April 18th, 2012

Imera’s is relatively unknown, but it was recently touted as providing secured communication channels between EDA vendors and their customers. Imera has shut down its operations, leaving behind a number of customers (Broadcom, TSMC, Qualcomm, Sandisk, Infineon, Synopsys, Cadence, Mentor, etc). Usually a customer requiring support means that some design data need to be sent […]

Continue reading about Imera’s end is only a beginning