Technology
What are NFC cards and how are they protected?
- Albert Zenkoff
- 2013-06-18
- Technology, contactless smart cards, countermeasures, embedded, ISO 14443, NFC, NFC cards, perfect security, Physical security, protection, security, smart card security, smart cards, sony felica, wireless
Ever since I posted an initial article “Hack NFC Door Locks” I see a steady stream of people that come with queries like “what’s the protection of an NFC card” and “how do you hack a protected NFC card”. Obviously, there is something out there interesting enough for people to begin inquiring. What is an ...
Read More
Password recovery mechanisms – Part 3
- Albert Zenkoff
- 2013-05-22
- Technology, advice, captcha, Development, general, guidance, guide, password management, password recovery, passwords, rules, software, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read MorePassword recovery mechanisms – Part 2
- Albert Zenkoff
- 2013-05-21
- Technology, authentication, Development, general, guidance, guide, password database, password management, passwords, rules, secondary channel, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read MorePassword recovery mechanisms – Part 1
- Albert Zenkoff
- 2013-05-21
- Technology, authentication, Development, dumpster diving, general, guidance, password management, passwords, protection, rules, secret questions, security design, software design, user information
Passwords remain the main means of authentication on the internet. People often forget their passwords and then they have to recover their access to the website services through some kind of mechanism. We try to make that so-called “password recovery” simple and automated, of course. There are several ways to do it, all of them ...
Read More
Cloud security
- Albert Zenkoff
- 2013-04-27
- Technology, cloud, cloud security, data center, database, file server, mainframe, security, security models, security types, technology, virtual, VM, web server
Let’s talk a little about the very popular subject nowadays – the so-called ‘cloud security’. Let’s determine what it is, what we are talking about, in fact, and see what may be special about it. ‘Cloud’ – what is it? Basically, the mainframes have been doing ‘cloud’ all along, for decades now. Cloud is simply ...
Read MoreExodus from Java
- Albert Zenkoff
- 2013-04-09
- Technology, coding techniques, Development, false promise, general, inherent security, Java, languages, programming, secure software, sloppy, technology
Finally the news that I was subconsciously waiting for: the exodus of companies from Java has started. It does not come as a surprise at all. Java has never fulfilled the promises it had at the beginning. It did not provide any of the portability, security and ease of programming. I am only surprised it ...
Read More
SAMATE Reference Dataset
- Albert Zenkoff
- 2013-02-14
- Technology, Data set, Development, SAMATE, security, test, test cases, Tools, vulnerability database
Through the news we can become alerted to many interesting things and one of the recent useful bits is the SAMATE Reference Dataset built by NIST Software Assurance Metrics And Tool Evaluation project. Should you need information on common vulnerabilities test cases, the database has more than 80,000 test cases by now. From the project ...
Read More
Common passwords blacklist
- Albert Zenkoff
- 2013-01-09
- Technology, blacklist, brute force attack, general, Password, password database, password verification, passwords, rules, technology
Any system that implements password authentication must check whether the passwords are not too common. Every system faces the brute-force attacks that try one or another list of most common password (and usually succeed, by the way). The system must have a capability to slow down an attacker by any means available: slowing down system ...
Read More
Hack NFC Door Locks
- Albert Zenkoff
- 2012-12-27
- Technology, authentication, door locks, identification, NFC, Physical security, protocol, RFID, security, Smart card, wireless
I can see in the logs that people sometimes come to this site with interesting searches. A recent interesting search was “Hack NFC Door Locks”. Well, since there is interest in the subject, why not? Let’s talk about NFC, contactless smart card and RFID door locks, shall we not? The actual technology used for the ...
Read More
Cryptography: just do not!
- Albert Zenkoff
- 2012-10-16
- Technology, Algorithm, Cryptography, Development, don't, encryption, hashing, homegrown, philosophy, software, technology
Software developers regularly attempt to create new encryption and hashing algorithms, usually to speed up things. There is only one answer one can give in this respect: Here is a short summary of reasons why you should never meddle in cryptography. Cryptography is mathematics, very advanced mathematics There are only a few good cryptographers and ...
Read MoreAbout the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.
Share and stay updated
Share and stay updated
About the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.