Author: Robby Pedrica

  • Slackware 14.1: an interview

    I’ve been quite slack ( yip cue the puns ) on reviewing Slackware 14.1 but time has been short and to tell you the truth, after upgrading, there’s not a whole lot different from an existing user’s point of view ( except for that usual Slackware “it just works” air of operation ). That being…

  • New electrical sockets for SA

    It may come as a bit of a shock to some but we are getting a new electrical socket in the form of the SANS 164-2 specification. This specification socket was adopted by the SABS in 2013 and takes over from the old 3-round-pin socket ( adopted from the British ) that has been in use…

  • Large security breach involving fast food outlets and banks in SA

    A variant of the Dexter malware has apparently been running on POS systems unchecked for quite a while. All of SA’s banks have been hard hit by the losses incurred as a result of arguably one of the largest security breaches in SA history. More info here: http://www.techcentral.co.za/sa-banks-in-massive-data-breach/44338/

  • Personal security, Digital Security and Identity Theft

    We live our lives in an always-on digital world these days. Medical, banking, shopping, services, mobile, multimedia – all of these are engaged with and executed on-line. Along with a whole host of threats including viruses, malware, phishing, pharming, advanced persistent threats and more. Not only do we have to deal with threats from the…

  • The cloud and security

    Moving your applications and data into the cloud presents a paradox when talking about security. A recent Thales survey found that over 60% of respondents thought that the cloud provider was responsible for protecting their sensitive and/or confidential data. And over 50% said they didn’t know what their cloud provider does to protect their data.…

  • 10 Immutable laws of security administration

    Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if the secure way also happens to be the easy way Law #3: If you don’t keep up with security fixes, your network won’t be yours for long Law #4: It doesn’t do much good to install…

  • WordPress 3.5.2 updates security

    For those using WordPress, you’ll be happy to know that version 3.5.2 has just been released with a number of fixes including SSRF ( server-side request forgery ) attacks, a number of components updated to fix XSS ( cross-site scripting ) holes and DoS ( denial of service ) attacks on WordPress’ post password protection…

  • Linkedin security issues with DNS redirection

    Starting yesterday, Linkedin went offline for a period of time due to a DNS redirection problem. Essentially when going to the www.linkedin.com site, one would in actual fact be visiting an alternate site that was not actually Linkedin. This issue is generally known as DNS Hijacking. Data that may have been compromised due to users…

  • SARS e@syFile issues

    e@syFile is SARS’ client tool to manage your taxes and payroll components. It can work in an off-line mode, but allows you to connect via the Internet to SARS once you are ready to submit documents. With regards to usability, the tool is pretty poor. Having followed the process myself for PAYE Reconciliation, I can…

  • ADSL Router Security in the crosshairs

    It’s long been a bugbear of mine when ADSL modems are used at the perimeter of networks as the security device/firewall. Including the fact that many of these units are made to the lowest cost possible and have many vulnerabilities, they are wholly unsuited to the task of providing decent security. That’s why I always…

  • Indian call centre virus hoax

    The Indian Call Centre virus hoax has been around for some years but has mostly targeted the US and Europe. But no more, as this morning I received a call from an Indian-sounding male which ran along exactly these lines. “Sir, we’re calling from Microsoft because your ISP has indicated you have viruses coming from…

  • IT Support effectiveness

    It’s long been a bugbear of mine that many IT Support folk have difficulty in troubleshooting IT issues. This is an area where one would expect ( and require ) personnel to have a high degree of logic ( crucial to faultfinding procedures ) but it seems that many IT engineers are almost devoid of…

  • Squid changes in 3.2 and 3.3

    Squid, the venerable proxy/caching server, has recently undergone a few major changes. 3.2 SMP In 3.2, one of the biggest changes is SMP ( multi-cpu or -core ) support. This could potentially have a huge impact on the performance scalability of a machine that uses multiple CPUs or cores. Previously ( in <= 3.1 ),…

  • Aaron Swartz and freedom of information

    I had a passing knowledge of Aaron but did not know too much about him beyond his involvement in Reddit. It’s very sad nonetheless to hear of his passing this weekend past. At his own hand shows perhaps a despair he may have had as a result of his legal issues. Aaron’s story will ring…

  • Downtime

    My apologies to anyone trying to access my site over the last 3 days. I’ve had intermittent firewall issues which resulted in me replacing the unit completely this evening. Probably about time seeing as the old unit was a few years old. For those interested, it started with a 100% drive failure. That’s quite rare…