Plato’s Beard
whereof one cannot speak, thereof one must make random noises
Disfunzione erettile perché la disfunzione erettile lowest price cialis 20mg

Archive for 'Security'

Security schmecurity?

Monday, March 27th, 2006

 

Is it just my old age or is the IT industry paradoxically getting less worried about password security these days? Back in the day we used to jump through hoops to not reveal cleartext passwords. Today: my hosting provider prints the password out in cleartext in form responses and email. Various online sites (blogs and such) email you the password in cleartext (even if you didnt ask for it!). Even the MySQL command to change the password (mysqladmin password) accepts the new password only on the command line!!

What the hell?!

 

Zfone from Zimmerman

Wednesday, March 22nd, 2006

Phil Zimmerman (of PGP fame) has the following notice from a week ago:

Secure Voice over IP: Zfone

I’ve just released Zfone, a new product that takes a new approach to make a secure telephone for the Internet.

I think it’s better than the other approaches to secure VoIP, because it achieves security without reliance on a PKI, key certification, trust models, certificate authorities, or key management complexity that bedevils the email encryption world. It also does not rely on SIP signaling for the key management, and in fact does not rely on any servers at all. It performs its key agreements and key management in a purely peer-to-peer manner over the RTP packet stream. It interoperates with any standard SIP phone, but naturally only encrypts the call if you are calling another Zfone client. This new protocol has been submitted to the IETF as a proposal for a public standard, to enable interoperability of SIP endpoints from different vendors.

[…]

Seems interesting!




::: ::: :::