Introduction to permissions, Part 3: Application Permissions

In Part 3, we are going to look at application permissions. This is a pretty broad topic, but there are some generic permissions that are relevant across most models.

Continue reading

Introduction to permissions, Part 2: File system permissions

In Part 2, we’re going to look at how Windows and the *nix operating systems (Linux, Unix, and Macs) deal with file system permissions.

Continue reading

Introduction to permissions

In this new mini-series we’re going to take a look at how to troubleshoot permissions. To start, let’s take a step back and discuss what permissions are, the various models, types of accounts that are affected, and the principle that should drive all permission-setting: least privilege.

Continue reading

Give thanks for these 25 cool technologies

As we prepare for this year’s Thanksgiving holiday, we wanted to share our thoughts about some of the coolest technologies for which we are thankful.

Continue reading

Security 101 – Algorithms

In this post we take a look at the encryption algorithms that are in common use today and those that are no longer in vogue. We’ll also see how encryption can be used both to obscure and to validate data and when you want to use one type of algorithm over another.

Continue reading

Security 101 – Encryption terminology

One of the first things that comes to mind when talking about security is encryption. Encryption can be used to provide confidentiality and integrity, which are two of the three main tenets behind security. To be sure that you are familiar with the concepts we will be covering in upcoming articles, here is a primer on encryption terminology.

Continue reading

Clever phishing attack uses Dropbox to spoof Dropbox

Dropbox recently detected and shut down a spoofing page designed to grab users’ credentials to Dropbox and other webmail based systems that was hosted on Dropbox itself.

Continue reading

The top 24 facepalm moments in information security

With all the media attention focused on ShellShock, we thought it would be a good time to take a look back at some other web-shaking security events of the past. In chronological order, here are 24 facepalm moments in information security.

Continue reading

To split or not to split? That is the question

Whenever a company wants to set up a VPN for its remote users, one of the major decision points that always comes up is whether or not to support split tunneling. In this post we define split tunneling and some related terms.

Continue reading

Troubleshooting VPN client connectivity

To help troubleshoot VPN client connectivity, here are some pointers that may save you some time.

Continue reading