LuxSci FYI » LuxSci Library: Security and Privacy

Is SSL/TLS Really Broken by the BEAST attack? What is the Real Story? What Should I Do?

Erik Kangas — Thu, 22 Sep 2011 02:01:46 +0000

SSL v3 and TLS v1 are subject to a serious exploit, according to a recently published attack mechanism (called BEAST). This sounds foundation-shattering and kind of scary. When people see this, as when we did, the first panicky>> read the complete answer

What is Social Engineering?

Erik Kangas — Fri, 01 Jul 2011 16:22:45 +0000

It is often thought that Viruses and Malware are the biggest threats to your personal information, but there is even a greater threat that often goes undetected. Social Engineering is a technique used by people to gather>> read the complete answer

iPhone Security Apps and Configuration Tips

Erik Kangas — Wed, 18 May 2011 16:54:54 +0000

There are several great iPhone Security Apps and a handful of good and simple configuration changes that you can make to your iPhone to greatly enhance you iPhone security and protect your sensitive information and identity. We have seen read the complete answer

Facebook: Quick Steps to Lockdown Security and Privacy

Erik Kangas — Sun, 08 May 2011 02:41:57 +0000

Facebook use is ubiquitous–you can even “Like” this post on Facebook right from our blog. As most people know, the default account settings in Facebook are very weak in terms of security and extremely permissive in terms of privacy read the complete answer

Best Practices for Password Reminders and Security Questions

Erik Kangas — Fri, 06 May 2011 01:12:59 +0000

Many companies, LuxSci included, recommend or require that users have one or more “Security Questions” and corresponding answers associated with their accounts. These questions are commonly used to:

Verify a user’s identity if the user has forgotten his/her password, or
Provide

>> read the complete answer

SMTP TLS: All About Secure Email Delivery over TLS

Erik Kangas — Fri, 19 Feb 2010 22:13:19 +0000

TLS stands for “Transport Layer Security” and is closely related to “SSL” (Secure Socket Layer). TLS is one of the standard ways that computers transmit information over an encrypted channel. In general, when one computer connects to another>> read the complete answer

HIPAA 2010: HITECH Impact on Email and Web Outsourcing

Erik Kangas — Wed, 20 Jan 2010 22:26:12 +0000

Surprise! HIPAA has changed, gotten bigger, and grown teeth.

The American Recovery and Reinvestment Act (ARRA, or The Obama Stimulus Bill), signed into law in February 2009, includes new, more comprehensive provisions for HIPAA. These provisions are in a section>> read the complete answer

Secure Web Pages and Web Forms: What You Need to Know

Erik Kangas — Tue, 05 Jan 2010 22:33:51 +0000

Creating a web site that has “secure” components requires more than slapping together some web pages and adding an SSL Certificate. All a certificate really does is create a thin veneer of security — one that does not go very>> read the complete answer

Advantages of LuxSci/Thawte SSL Certificates over Go Daddy

Erik Kangas — Mon, 28 Dec 2009 23:35:16 +0000

We are often asked by customers why they should pay more for an SSL certificate from LuxSci/Thawte instead of purchasing from a third party provider like Go Daddy. I.e., what justifies the added expense?

There are two key considerations>> read the complete answer

PGP Encryption

Erik Kangas — Thu, 06 Aug 2009 18:50:11 +0000

While most people might not know what PGP encryption is, almost everyone with access to an email account uses it regularly. It’s one of the most popular ways to digitally sign, encrypt or decrypt emailed documents, adding an additional>> read the complete answer