The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘Security’ Category

KISS: stickers to protect your webcam from being spied (Dutch: Bescherm je laptop met een principiële sticker « Bits of Freedom)

Posted by jpluimers on 2014/02/27

Didn’t notice they published these stickers while I was on holiday earlier this year: Bescherm je laptop met een principiële sticker « Bits of Freedom.

There must be stickers like that in other languages as well, just did not yet search for them (:

–jeroen

Posted in Power User, Security | Leave a Comment »

OpenPGP for GMail: Mymail-Crypt for Gmail™ (via: Chrome Web Store)

Posted by jpluimers on 2014/02/27

Interesting: Chrome Web Store – Mymail-Crypt for Gmail™.

–jeroen

Posted in Chrome, Encryption, GMail, Google, Power User | Leave a Comment »

Thanks OSXDaily: Install wget in Mac OS X Without Homebrew or MacPorts

Posted by jpluimers on 2013/12/23

wget is an immensely useful tool to download files using ftp, http and https, especially as it allows recursive downloads and mirroring with some very nice options.

Mac OS X doesn’t come with wget, and curl – the alternative for wget – cannot do recursion, so you need wrapper scripts for that.

Basically there are two ways to get wget installed on Mac OS X:

  1. Compile it from the source, then install it like Install wget in Mac OS X Without Homebrew or MacPorts.
  2. Download a prebuilt version like wget – Prebuilt binary for Mac OSX Lion, Snow Leopard and Mountain Lion | Tech Tach.

For both ways you need to remember that they won’t automatically update. So: keep an eye on wget security vulnerabilities, and update as soon as new ones have been found.

The first way (build from source) needs you to download and install Xcode first. Since I’m a Mac OS X developer, I already have that.

Luckily Install wget in Mac OS X Without Homebrew or MacPorts had instructions for the most current version when writing this blog entry. The binary from Tech Tach was outdated.

That, and my feeling of having more control over the build process, make me like the first way more.

Below are the commands I used (thanks OSXDaily!).

Check http://ftp.gnu.org/gnu/wget/ to make sure you downloaded the most current wget source code.
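Since a source-built or prebuilt wget never updates itself, a small check that compares the local version against the newest tarball on the GNU mirror is what I would automate. This is an added example, not from the original post or from OSXDaily; the directory listing is a constructed sample in the style of the ftp.gnu.org index, and the banner format assumed is the first line of `wget --version`.

```python
import re

# Constructed excerpt of a directory index in the style of http://ftp.gnu.org/gnu/wget/
# (sample data for this example, not a real listing).
SAMPLE_INDEX = """
<a href="wget-1.9.1.tar.gz">wget-1.9.1.tar.gz</a>
<a href="wget-1.13.4.tar.gz">wget-1.13.4.tar.gz</a>
<a href="wget-1.13.4.tar.gz.sig">wget-1.13.4.tar.gz.sig</a>
<a href="wget-1.14.tar.gz">wget-1.14.tar.gz</a>
<a href="wget-1.14.tar.gz.sig">wget-1.14.tar.gz.sig</a>
"""

# Matches release tarballs only, not their .sig files.
TARBALL_RE = re.compile(r'href="wget-(\d+(?:\.\d+)*)\.tar\.(?:gz|xz|lz)"')


def parse_version(text):
    """Turn '1.13.4' into (1, 13, 4) so comparison is numeric, not lexical
    ('1.9.1' must sort before '1.14', which a plain string compare gets wrong)."""
    return tuple(int(part) for part in text.split("."))


def newest_release(index_html):
    """Return the highest wget version string advertised by a directory index."""
    versions = {m.group(1) for m in TARBALL_RE.finditer(index_html)}
    if not versions:
        raise ValueError("no wget tarballs found in listing")
    return max(versions, key=parse_version)


def installed_version(version_banner):
    """Extract the version from the first line of `wget --version`,
    e.g. 'GNU Wget 1.13.4 built on darwin12.2.0.'."""
    m = re.search(r"GNU Wget (\d+(?:\.\d+)*)", version_banner)
    if not m:
        raise ValueError("unrecognised wget --version output")
    return m.group(1)


def needs_update(version_banner, index_html):
    """True when the locally installed wget is older than the newest release on the mirror."""
    return parse_version(installed_version(version_banner)) < parse_version(newest_release(index_html))


if __name__ == "__main__":
    # In real use: run `wget --version` for the banner and fetch the index over HTTPS.
    banner = "GNU Wget 1.13.4 built on darwin12.2.0."
    print("newest:", newest_release(SAMPLE_INDEX), "update needed:", needs_update(banner, SAMPLE_INDEX))
```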

Posted in *nix, Apple, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, OpenSSL, OS X 10.8 Mountain Lion, Power User, Security, wget | Leave a Comment »

When a security auditor asks these kind of questions, get rid of the service he is auditing for (via Server Fault)

Posted by jpluimers on 2013/11/01

An interesting read, especially to see what parts should and should not be part of security auditing practice.

–jeroen

via: pci dss – Our security auditor is an idiot. How do I give him the information he wants? – Server Fault.

Posted in Power User, Security | Leave a Comment »

Don’t use PPTP, and don’t use IPSEC-PSK either (via: CloudCracker blog)

Posted by jpluimers on 2013/06/24

A while ago, I had to connect to secure data over PPTP.

It reminded me of this post from about a year ago: via Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate (now archived at the Wayback Machine).

Their main point:

MS-CHAPv2 can be cracked within less than a day (and that time will only get less).

Their short conclusion “basically PPTP is dead, and IPSEC-PSK is worse” leads to the recommendation:

This leaves either an OpenVPN configuration, or IPSEC in certificate rather than PSK mode.


Posted in IPSec, Network-and-equipment, Power User, PPTP, Security, VPN | 3 Comments »

How to make a disallowed-by-default Software Restriction Policy

Posted by jpluimers on 2013/02/22

Locking down your Windows system even further than the standard restricted user: How to make a disallowed-by-default Software Restriction Policy.

–jeroen

Posted in Power User, Security, Windows, Windows 7, Windows 8, Windows Vista, Windows XP | 1 Comment »

Recommended reading: “Security Engineering” now available free online

Posted by jpluimers on 2013/02/06

According to Alan Cox,

And yes this is worth reading…

Right now it looks like the site is overloaded, so you will have to use the Google Cache: Light Blue Touchpaper » Blog Archive » “Security Engineering” now available free online.

So I’m going to re-try in a couple of days.

Later: that was an intermediate site. The actual site is Security Engineering – A Guide to Building Dependable Distributed Systems.

–jeroen

via: Security Engineering – A Guide to Building Dependable Distributed Systems.

Posted in Power User, Security | Leave a Comment »

The *must read* WebSphere MQ security topic on #MQSeries.net

Posted by jpluimers on 2011/10/04

MQSeries.net is the site to visit for WebSphere MQ (formerly MQSeries) topics.

They have a forum with very knowledgeable people.

One of the must-read topics is MQSeries.net :: View topic – NOT running amqcrsta as ‘mqm’…, which points to a very nice IBM WebSphere MQ Security presentation (including a 50 minute YouTube video) that Martyn Ruks gave at EUSecWest 08 (an older version of the presentation is from DefCon 15). Ruks did a very nice piece of security research on the SNA protocol in 2006 and now has a series of publications on WebSphere MQ security.

The posting does not link to the paper that goes with the conference (which he wrote with Alex Pratt), and which has much more in-depth information than the presentation itself. Recommended reading!

–jeroen

via: MQSeries.net :: View topic – NOT running amqcrsta as ‘mqm’…

Posted in Development, MQ Message Queueing/Queuing, Power User, Security, WebSphere MQ | Leave a Comment »

Delphi – MD5: the MessageDigest_5 unit has been there since Delphi 2007

Posted by jpluimers on 2009/12/11

I still see a lot of people crafting their own MD5 implementation.
A lot of the existing MD5 implementations do not work well in Delphi 2009 and later (because they need to be adapted to Unicode).
Many of those existing implementations behave differently if you pass the same ASCII characters as AnsiString or UnicodeString.

The MessageDigest_5 unit has been available in Delphi since Delphi 2007.
This is the location relative to your installation directory: source\Win32\soap\wsdlimporter\MessageDigest_5.pas

(Edit: 20091223:  Since Delphi 7.01, Indy has provided the unit IdHashMessageDigest which also does md5, see the comments below)

So this unit is used by the WSDL importer, and more importantly: it works with Unicode (if you pass it a string with Unicode characters, it will convert them to UTF-8 first).
The unit is not in your default search path, and has not been very well promoted (the only link at the Embarcadero site was an article by Pawel Glowacki), so few people know about it.

Now you know too :-)

Note that MD5 is normally used to hash binary data.
It is not wise to send a non-ASCII string through both the AnsiString and UnicodeString versions: because of the different encoding (and therefore a different binary representation), you will get different results depending on the Delphi version used.

The sample below does not show the AnsiString/UnicodeString issue for ASCII strings, nor for ANSI strings: in Delphi 2009 and later both get encoded as UTF-8 before hashing, so the digests match.
Delphi 2007 did not do the UTF-8 encoding, so there you will see different results.
You will also see that Writeln uses the console code page for output, which differs from the encoding of the code editor.

Edit: 20091216 – added RawByteString example to show that the conversion does not matter.

program md5;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  MessageDigest_5 in 'C:\Program Files\Embarcadero\RAD Studio\7.0\source\Win32\soap\wsdlimporter\MessageDigest_5.pas';
  // Vista/Windows 7: MessageDigest_5 in 'C:\Program Files (x86)\Embarcadero\RAD Studio\7.0\source\Win32\soap\wsdlimporter\MessageDigest_5.pas';

// AnsiString overload: the unit converts the text to UTF-8 before hashing (Delphi 2009+).
function GetMd5(const Value: AnsiString): string; overload;
var
  hash: MessageDigest_5.IMD5;
  fingerprint: string;
begin
  hash := MessageDigest_5.GetMD5();
  hash.Update(Value);
  fingerprint := hash.AsString();
  Result := LowerCase(fingerprint);
end;

// UnicodeString overload: same UTF-8 conversion, so the same characters give the same digest.
function GetMd5(const Value: UnicodeString): string; overload;
var
  hash: MessageDigest_5.IMD5;
  fingerprint: string;
begin
  hash := MessageDigest_5.GetMD5();
  hash.Update(Value);
  fingerprint := hash.AsString();
  Result := LowerCase(fingerprint);
end;

var
  SourceAnsiString: AnsiString;
  SourceUnicodeString: UnicodeString;
  SourceRawByteString: RawByteString;

begin
  try
    // ASCII input: all three string types hash identically.
    SourceAnsiString := 'foobar';
    SourceUnicodeString := 'foobar';
    SourceRawByteString := 'foobar';

    Writeln(GetMd5(SourceAnsiString));
    Writeln(GetMd5(SourceUnicodeString));
    Writeln(GetMd5(SourceRawByteString));

    // Non-ASCII input: identical in Delphi 2009+ thanks to the UTF-8 conversion, different in Delphi 2007.
    SourceAnsiString := 'föøbår';
    SourceUnicodeString := 'föøbår';
    SourceRawByteString := 'föøbår';
    Writeln(SourceAnsiString, ' ', GetMd5(SourceAnsiString));
    Writeln(SourceUnicodeString, ' ', GetMd5(SourceUnicodeString));
    Writeln(SourceRawByteString, ' ', GetMd5(SourceRawByteString));
  except
    on E: Exception do
      Writeln(E.ClassName, ': ', E.Message);
  end;
end.
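The encoding effect described above, reproduced outside Delphi so the digests can be compared directly. This is an added example, not code from the original post or from the MessageDigest_5 unit; it assumes Windows-1252 as the AnsiString code page and models a UnicodeString as UTF-16LE, which is how Delphi 2009+ stores it.

```python
import hashlib


def md5_hex(data: bytes) -> str:
    """MD5 over raw bytes: the only thing the hash function itself ever sees."""
    return hashlib.md5(data).hexdigest()


# In-memory representations of the same characters in the two Delphi string types.
# AnsiString: one byte per character in the system code page (Windows-1252 assumed here,
# as on a Western European Windows). UnicodeString (Delphi 2009+): UTF-16LE code units.
def ansi_bytes(text: str, code_page: str = "cp1252") -> bytes:
    return text.encode(code_page)


def unicode_bytes(text: str) -> bytes:
    return text.encode("utf-16-le")


def md5_utf8(text: str) -> str:
    """What the post describes MessageDigest_5 doing in Delphi 2009+: encode the string
    as UTF-8 before hashing, so the digest depends on the characters, not the string type."""
    return md5_hex(text.encode("utf-8"))


def digests(text: str) -> dict:
    """Hashing the raw string memory (the hand-rolled MD5 ports the post warns about)
    next to hashing after UTF-8 normalisation."""
    return {
        "ansi_raw": md5_hex(ansi_bytes(text)),        # what a Delphi 2007 AnsiString hash gives
        "unicode_raw": md5_hex(unicode_bytes(text)),  # a port that hashes UnicodeString memory as-is
        "utf8": md5_utf8(text),                       # MessageDigest_5 style, same for both types
    }


def consistent_across_string_types(text: str) -> bool:
    """True when text that travelled through the ANSI type and text that travelled
    through the Unicode type hash identically once both are normalised to UTF-8."""
    ansi_as_text = ansi_bytes(text).decode("cp1252")
    unicode_as_text = unicode_bytes(text).decode("utf-16-le")
    return md5_utf8(ansi_as_text) == md5_utf8(unicode_as_text)


if __name__ == "__main__":
    for sample in ("foobar", "föøbår"):
        print(sample, digests(sample))
```

For ASCII input only the raw UTF-16 digest differs; for 'föøbår' all three raw-vs-normalised digests differ, which is exactly why hashing text without first fixing its encoding gives version-dependent results.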

–jeroen

Posted in Delphi, Development, Encoding, Hashing, md5, Power User, Security, Software Development, Unicode, UTF-8, UTF8 | 28 Comments »