Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecure than the stuff we have now. We need to consider what we sound like to users when we run around screaming how terrible the stuff they want is when we can't secure the stuff we think is okay to deploy. The truth is the new technology is no more vulnerable to attack than the systems we "bles... (more)

Beacon Podcast Episode 025

Hurricane Labs Beacon Podcast Episode Number: .025 – New Studio Edition Hosts: Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler), Ian Gillespie, Tom Kopchak Amazon Studios - Create a television series - Amazon will fund and produce IT Security Basics - Matt isn’t buying it - People have been saying this for years - Matt and Tom debate Apple Legacy FileVault Hole - OSX 10.7.3 shipped with a debug flag - Passwords stored in plaintext in secure.log - Fixed in 10.7.4 Google vs Oracle - Google made their own Java clone for Android - Jury ruled Google infringed on copyrights - Google cal... (more)

Take Social Media Privacy Into Your Own Hands

By Steve McMaster - I’ve gotten in a lot of arguments lately about one of the latest “hot topics” in the end-user side of technology – privacy. With some of the biggest names in Social Media doing a really bad job of it (and I’m not even just talking about leaked passwords), it’s something that’s throwing itself in the face of many average, day-to-day computer users. Many in the security industry already know most of the things people are discovering, and have screamed warnings from the mountaintops to the folks below. Alas, this is the woe of being a security engineer. But here’... (more)

Open Source Firewalls - Untangle and pfSense comparison

So this week I had the opportunity of setting up a little lab to test both of these firewalls. Before this week I had no idea these firewalls even existed, and the only open source routing/firewall software I even knew of at the time was Vyatta; which is really only for routing purposes. Starting off, you really need to pay attention to the system requirements, especially Untangles. I attempted to install both of these using Ubuntu with VirtualBox and was in for a nasty surprise. Originally skimming the requirements brought me to this issue, to where I used an old Dell Dimension ... (more)

Snowpocalypse 2010: Report From ShmooCon 2010

Here I am at ShmooCon 2010 right in the middle of what people here in Washington DC are calling Snowpocalypse 2010. The Metro, busses, and taxis are all closed down and essentially the city has shut down. Being from Cleveland I find it a little laughable but it’s still a pretty bad storm. Well that hasn’t stopped ShmooCon from going strong. This being my first hacker con it took me a little while to get acclimated to what kind of talks would be interesting and relevant to me as a network/firewall security guy. The first talk I found interesting was about an OWASP project called O... (more)