Roger Halbheer on Security
I think I really do not need to comment this as the title itself says it all: US arrogance puts further doubt on cloud data sovereignty If you add some content, I just think they do not get it: New York-based U.S. Magistrate Judge James Francis last week ruled that local search warrants must include…
Maybe Heartbleed has the positive side-effect that users think about using different passwords for different sites (and then a password manager?) or websites start to think about using two-factor authentication? The downside typically is, that these effects tend not to last all too long… or how far did Snowden really change people’s behavior? Heartbleed’s silver…
That’s a big “outch”: Be Careful what you Scan for! Just to quote SANS: After some fun and games at one customer site in particular, I found that the SSL services on the earlier versions of the HP Proiliant Servers iLo ports (iL01 and iLO2) are not susceptible to heartbleed. However, their implementation of SSL…
I was doing quite some PKI projects in my former life. One of the key themes during the policy discussion and then afterwards in the implementation was always the way somebody can revoke a certificate and then how the revocation was communicated. Shall OCSP be used or shall we stay with the good old CRLs?…
This is the first time, I had to go through an emergency update process of that scale – well better, my team went, I do not want to claim any success here for myself. I was basically just an observer. However, there were a few interesting things, which I learned during the last few days:…
I guess, you have have been through such meetings as well? At least I felt fairly often like that, when I was in consulting
Roger
