asteroza + secure   112

riverloopsec/banned-h-embedded at develop
similar to microsoft's banned.h used during Vista's development as part of their secure development lifecycle work. Basically lots of unsafe string function marking.
embedded  banned  function  string  safety  security  SDL  secure  development  lifecycle  programming 
may 2019 by asteroza
Standards for a highly secure Windows 10 device | Microsoft Docs
New MS minimum specs for high security Windows 10 setups. Nothing terribly surprising, but the push to hypervisor based security means they are slowly starting to push towards a Qubes approach?
windows  10  hardware  requirement  security  TPM  secure  boot  SLAT  IOMMU  64bit  hypervisor  guard 
november 2017 by asteroza
Some sort of SD card form factor TPM/smartcard/VPN module for android? Mudge related...
android  trusted  external  module  SD  card  secure  communication  security  research  hardwawre  electronics  devices  Delicious 
april 2017 by asteroza
SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Sy...
CERT provides for free a C++ SDL programming guideline set, and there's a companion C guide too
C++  coding  standard  programming  development  SDL  software  security  CERT  secure  Delicious 
march 2017 by asteroza
BitLocker can't encrypt drives because of service crashes in svchost.exe process in Windows 7 or Windows Server 2008 R2
Asus motherboards with UEFI secure boot can cause 7 to fail to boot, with the red screen of death, because 7 can't actually use secure boot
fail  windows  update  patch  bitlocker  UEFI  secure  boot  7  support  RSOD  broken  motherboard  ASUS  encryption  Delicious 
may 2016 by asteroza
Genode - Genode Operating System Framework
Now supporting encapsulating linux as a TrustZone in the USB Armory's secure areas.
Genode  OS  virtualization  secure  trusted  zone  container  confinement  security  research  Delicious 
december 2015 by asteroza - Whispering Off The Record
IM service that uses forced OTR and has a tor hidden service entrance, with servers that do no logging at all on LUKS FDE rigs. Better than nothing...
free  jabber  XMPP  OTR  chat  IM  messaging  service  secure  security  privacy  anonymity  tor  Delicious 
october 2015 by asteroza
Allows mounting LUKS encrypted volumes on windows without EXT2IFS.
LUKS  secure  volume  windows  mount  software  encryption  security  Delicious 
august 2015 by asteroza
Sorta popular secure messaging app, but the company backing the network has no warrant canary and the devs refuse to answer if they've been served an NSL recently, so they've been served.
opensource  secure  messaging  client  software  android  iOS  iPhone  app  Delicious 
june 2015 by asteroza
Home -
Can't say how secure this is, and a likely target for intelligence groups, but hey, better than nothing?
dissident  activist  protestor  secure  email  service  privacy  anonymity  security  cloud  private  Delicious 
february 2015 by asteroza
Tiger XS
Apparently this is used by some government officials in europe
secure  communication  cellphone  cryptography  hardware  electronics  devices  Delicious 
october 2014 by asteroza
I wonder if a business can be made of this, though every government on earth will hate you...
secure  anonymous  physical  delivery  mixnet  privacy  security  research  cargo  package  darknet  Delicious 
september 2014 by asteroza
Computer Laboratory: BERI open-source hardware downloads
CHERI is built on the MIPS ISA, but concepts are portable to RISC-V and ARMv8.
CHERI  BERI  secure  processor  FPGA  softcore  opensource  hardware  CPU  design  security  memory  protection  Delicious 
july 2014 by asteroza
Encrypted email, based in Switzerland.
Eh, if they don't make this a host-proof hosting type situation, then it doesn't pass the smell test. Also, browser javascript crypto is asking to get owned, because you are loading external software. Did we also mention unencrypted metadata due to public SMTP, public ledger bitcoin payment providing user tracking, and the Swiss not being so private these days? I can appreciate making integrated PGP more usable to mere mortals, but if this isn't Snowden-grade, it isn't enough.
secure  email  service  Switzerland  encryption  security  broswer  javascript  cryptography  Delicious 
may 2014 by asteroza
Android KitKat | Android Developers
HCE is an end run around cellphone carriers excessively controlling the SE (secure element) portion of NFC, effectively locking out competitors in the contactless mobile payments space. But now Visa/MasterCard have announced HCE support for cloud storage of credit cards, effectively breaking the carrier stranglehold and opening the way for more Google Wallet like services..
HCE  host  card  emulation  NFC  SE  secure  element  android  4.4  kitkat  programming  development  contactless  mobile  payment  system  software  Delicious 
march 2014 by asteroza
WhiteHat Aviator - The most secure browser online
This seems like a private label chromium with a lot of security tweaks, unfortunately closed source for mac OSX.
software  aviator  secure  browser  web  mac  security  OSX  chromium  network  windows  whitehat  privacy  Delicious 
november 2013 by asteroza
Bitmessage Wiki
P2P using bitcoin architectural parts. There's a channel like feature, and an email gateway service as well.
bitmessage  software  encryption  secure  opensource  messaging  windows  security  chat  decentralized  OSX  p2p  IM  email  anonymous  cryptography  social  bitcoin  Delicious 
august 2013 by asteroza
Pond - Pond
Interesting tor based async messaging server/protocol, sorta the encrypted equivalent of email without leaking too much metadata.
software  email  communication  encryption  forward  asynchronous  secure  messaging  security  tor  privacy  Delicious 
august 2013 by asteroza
Covert Browser
The humorous part is you have to buy this at the iTunes store on an Apple product, which feels like the antithesis of privacy and anonymity...
iPhone  iPad  tor  secure  web  browser  security  privacy  anonymity  app  software  Delicious 
november 2011 by asteroza
App that creates an embedded secure partition to isolate work apps/email/data. In theory allows a work/play divide on an otherwise personal phone. As to how safe it is, well, encrypted partition generally only provides you security for data at rest if implemented well, and various levels of security for data on teh move (when the secure partition is mounted). There's also the security issues between apps. Android may be UNIX multiuser, but it was designed fundamentally as a single GUI user/operator OS, with resulting design compromises. VMware's Horizon hypervisor setup is a slightly better security solution since that takes the OS out of the equation in theory...
enterproid  android  app  software  enterprise  business  device  security  remote  wipe  application  control  management  secure  partition  area  encryption  Delicious 
october 2011 by asteroza
Hackers break SSL encryption used by millions of sites • The Register
Use a MitM proxy to inject some bad javascript that executes a chosen plaintext on a specific website, to allow recovery of the secure cookie for that site.
beast  SSL  TLS  MitM  attack  javascript  chosen  block  plaintext  secure  cookie  recovery  security  Delicious 
september 2011 by asteroza
A quantum encryption idea utilizing the secure citadel concept to force the decryption to occur at a specific location.
quantum  cryptography  citadel  secure  location  position  geolocation  security  protocol  network  data  key  exchange  filetype:pdf  media:document  Delicious 
august 2010 by asteroza
How to wipe free disk space in Linux? - Super User
seems like I would need to do the following for a quick and dirty disk free space zeroing, if I wasn't going to script a dd megafile operation (doing the dd zero file file is a bit scary, but this is essentially doing the same thing...)

sfill -f -l -l -z /
debian  linux  secure  delete  disk  zero  free  space  erase  eraser  software  sysadmin  tools  utilities  virtualization  dd  Delicious 
july 2010 by asteroza
The service which will gather and store uploaded video/audio from Taser/AXON's new head mounted video camera. The idea being, a remote third party video evidence collection repository of police action tends to provide somewhat objective evidence of police actions. Though it could just as easily be the new YouTube version of COPS...
remote  service  online  audio  storage  monitoring  tracking  video  secure  collection  police  evidence  taser  AXON  Delicious 
march 2009 by asteroza
« earlier      
per page:    204080120160

related tags

2.0  4.4  64bit  512MB  802.1x  academic  access  activism  activist  AES  AIP  AirChat  AJAX  algorithm  alternative  android  anonym.OS  anonymity  anonymizer  anonymizing  anonymous  antivirus  app  apple  ApplePay  application  archival  archive  archiving  area  armory  AS2  asset  ASUS  asynchronous  ATA  attack  audio  authentication  autorun  aviator  AXON  backed  backup  banned  BCWipe  beacon  beast  BERI  biometric  biometrics  bitcoin  bitlocker  bitmessage  bittorrent  blackdog  block  blocking  boot  broken  broswer  browser  BSD  bunker  burner  business  C++  Carbonite  card  cargo  case  cellphone  censorship  CERT  certificate  change  channel  chat  cheatsheet  CHERI  chip  chosen  chromium  CI  citadel  client  clock  cloud  cluster  coding  collection  combined  comet  command  commodity  communication  communications  compliance  computing  configuration  confinement  contactless  container  control  cookie  copy  cost  CPU  cryptainer  CryptainerLE  Cryptocat  cryptography  cryptsetup  CSipSimple  cyanogen  cyanogenmod  daemons  darknet  data  datacenter  DBAN  dd  deaddrop  debian  decentralized  delete  Delicious  delivery  design  desktop  destruct  detection  development  device  devices  DHT  digital  disaster  disk  disposable  dissident  distributed  distro  DIY  document  domain  download  drive  drop  dropbox  duplex  dwipe  e2e  edge  EDI  EIM  electronics  element  email  embedded  emulation  EMV  enclave  encrypted  encryption  end2end  engine  enterprise  enterproid  environment  eraer  erase  eraser  erasure  essay  eVault  evidence  exchange  external  extraction  eye  Facetime  factor  fail  fake  FAST21  FDE  FEC  file  filesystem  filetype:pdf  fingerprint  FIPS-202  FIPS202  flash  Flower  Foolscap  fork  forward  FPGA  framework  free  freenet  freeware  friendnet  Fujitsu  full  function  FUSE  gateway  gear  GEM  Genode  geolocation  global  GNUnet  google  GPG  greynet  grid  group  guard  guide  hacking  hacktivismo  hactivist  hard  hardened  hardware  hardwawre  hash  HCE  HDD  HDDerase  head  hibernation  hidden  hook  host  hosted  hosting  hostproof  howto  HSM  http  https  humor  hypervisor  i2p  ideas  identity  IM  IMAP4  incident  incremental  industry  information  infosec  infrastructure  input  instant  Institute  instructions  intel  international  internet  IOMMU  iOS  Iowa  iPad  iPhone  iPod  IronMountain  ISIS  ISO  jabber  jack  japan  java  javascript  journalism  JTAN  K9  Kali  key  keycode  kitkat  LAFS  laptop  law  leak  library  lifecycle  lighttpd  limited  link  linux  liveCD  LiveCD  lobbying  location  log  logging  longhorn  low  LUKS  mac  magnetic  management  manager  MDN  media  media:document  memory  message  messaging  messenger  metadata  methods  Microsoft  MitM  mixnet  mobile  mod  mode  module  Mojo  monitoring  motherboard  mount  mounted  Mozy  MozyPro  MTA  MySecureDoc  NAC  Nation  network  networking  news  NFC  NFS  NIST  node  noise  non-repudiation  Nortel  notebook  NTT  nuke  nwipe  oepnBSD  Office-on-a-Stick  officer  online  OpenSEA  opensource  openSSL  Opera  OperaTor  OPSEC  OS  OSTEL  OSTN  OSX  OTR  OWASP  p2p  package  page  PAKE  paper  partition  password  patch  payment  PBA  PC  peer  pentesting  personal  personel  PGP  phone  PHP  physical  plaintext  plan  planning  platform  plugin  police  policy  politics  POP3  portable  position  post  PPP  preboot  preview  print  privacy  private  Privoxy  processor  productivity  profile  programming  protected  protection  protestor  protocol  proxy  pseudoanonymity  pseudoanonymous  python  quantum  RAID  RAIN  realtime  recording  recovery  redirector  reference  relay  reliable  remote  repurpose  requirement  research  resistor  response  rewrite  RFC6189  RFID  ricochet  RISC-V  Rizzo  RJ-11  RSOD  RSP  Safeguard  safety  SATA  scatterchat  SCIMP  scribd  scrum  SD  SDI  SDL  SDLC  SE  SecPAL  secret  SECUDE  secure  security  Seiko  self  server  service  services  set  setup  SFS  SGD  SGX  SHA-3  SHA3  sharing  shell  side  signal  signing  SIlentCircle  SIP  site  skew  Skype  SLAT  smartcard  SMS  SMTP  social  socket  softcard  softcore  software  solution  SP2  space  SRP  SRP-Hermetic  ssh  SSK  SSL  SSTP  standard  stanford  storage  string  strongbox  suite  Sun  supplicant  support  surveillance  Switzerland  sysadmin  system  tactical  Tag  Tahoe  Tahoe-LAFS  tarantella  taser  Technoimagia  TEE  telephone  telephony  temperature  test  testing  ThePirateBay  thinking  third  time  timestamp  tips  TLS  tokenisation  tokenization  tools  tor  torpark  torrent  TPM  tracking  transfer  transmission  tricks  TrueCrypt  trusted  tunnel  tunneling  tutorial  twisted  two  ubuntu  UEFI  unit  unix  update  upload  URL  USA  USB  user  USSHC  utilities  utility  utimaco  vault  VDI  verification  video  virtual  virtualization  vista  VoIP  volume  VPN  vuvuzela  wallet  WCF  web  webapp  webdev  webmail  webOS  webPKI  whistleblower  whitehat  whole  wifi  windows  wipe  wiping  wireless  xDrive  XML  XMPP  XP  xquery  zero  ZFEC  Zfone  zone  ZRTP  zRTP 

Copy this bookmark: