After being frustrated by sleeping HDDs attached to various devices in my home, and after struggling to find a simple and easy to use application to keep aforementioned HDDs awake, I wrote my own. It’s simple, intuitive, intelligent and elegant.
Recently there has been a flurry of compromises bubbling up to the front-page of newspapers and magazines, and it seems the common thread is “APT”. APT stands for Advanced Persistent Threat, and it has been horribly over applied in numerous periodicals over the past several months; even going so far as to use the term in defining a specific virus. As we walk through what APT really should be communicating, you’ll have a better understanding why these uses are absurd at best, and poor scholarship at worst.
Click Here to Integrate YUBIKEYS for your company!
As Many people are likely now aware, RSA was compromised by an APT (Advanced Persistent Threat); which spurned the company to warn it’s clients that their current multifactor authentication tokens/fobs/dongles may be compromised.
This should cause us all a lot of pause… this isn’t an AV company getting hacked and having their (pretty much already useless product) replaced with a virus filled impostor… this is serious! I don’t want to even begin to imagine the millions of dollars secured by the utilization of RSA digital tokens.
But one thing is clear… I feel all the more justified in my continual championing of Yubikey! http://yubico.com There is no ‘secret’ to this digest based OTP solution for multifactor authentication. The implementation is not dependent (at least it doesn’t have to be) on any third party… in fact it’s truly and completely under the implementers control, muahahahahhh!! And it will remain as secure as the implementation makes it.
It beautifully removes that ‘big company over there’ who “also” happens to be a risk factor… no more! Go with Yubikeys! And if you need help, advice, have questions, or want an entire implementation planned and run for you, contact me! http://comp.romiser.com/capabilities.sec?d=yubi
I am often asked for a complex email cipher. There are some other scripts out there but I find that a truly crafty coder could work around them… so I wrote this, I’ve used it for awhile but thought the rest of the security world would enjoy it.
I like to take notes while pentesting and hacking, and i don’t always like the fuss of Dradis, so I cloned PLOD in ruby and I find it VERY useful. I also have updated the tagit.rb meterpreter script, which should now refresh the background color as well, thank you for the inspiration mubix!
More