January 2009 Entries

PSA: If you accidentally nuke your car, don’t bother calling your insurance company

So I was reading my auto policy this morning after the recent ice storm left behind a big cracked windshield in my Chrysler. The good news is that I'm covered. But as I was reading about what is *not* covered, something caught my eye: Now, looking at item (b) there, you have to wonder:  What compelled them to add the parenthetic qualifier there?  I mean, did someone actually make a claim regarding an accidental discharge of a nuclear weapon, and the insurance company said "ooo, we better write that into the policy"? Surely, the phrase "Discharge of any nuclear weapon" covers accidental ones?  No?  Did...

Hashing Algorithm Roundup

As a follow-up to yesterday's roundup of encryption algorithms, I bring you a roundup of popular hashing algorithms.  Unlike encryption, which is generally a 2-way function (encrypt, then decrypt), hashing is generally one-way.  There is no way to determine the original text based on a hash (except brute force) if it is properly implemented.  So what's the point of that?  Well, primarily it's used to verify the integrity of a given bit of data.  Say, for instance, you are doing forensics on a computer system, and you generate hashes of all the files on the file system.  You can demonstrate later,...

Encryption Algorithm Roundup

I decided to do a roundup of popular encryption algorithms.  This post focuses on symmetric key algorithms.  It is not intended to be an exhaustive list, but does cover 99% of the algorithms in use today. In the table below, I have flagged broken/flawed algorithms in RED.  Those are better than no encryption, but they should be avoided if other options are available.  Algorithms marked in GREEN are considered strong, and are recommended for use in all scenarios.  My current algorithm of choice is Rijndael, which enjoys wide adoption and support thanks to its selection by NIST as the current...

Using GMail as Your SMTP Gateway

Did you know that if you have a GMail account, you can use their mail system's SMTP service for free?  I am using it to deliver "Contact Me" messages from my blog to my account at GMail, but you can send emails to anyone using it. Here's how to configure your email client (or server email component) to use GMail for outbound mail delivery: Set the software's SMTP server to smtp.gmail.com. Enable authentication for the connection, and enter your GMail account credentials...

How the sausage is made at bmonday.com

I wanted to give everyone a little insight into how bmonday.com is set up and what the underlying technologies are.  There are not a whole lot of people running blogs using the combination I am, so I think it will be interesting to more than a few people. The server is an HP Media Smart 475 with 512MB RAM and 2x1TB hard disks configured for data replication between them (it’s not RAID, it’s… something else).  The OS is Windows Home Server (WHS).  The server is protected by a Juniper SSG5 SOHO firewall that is responsible for NATing the inbound traffic...

Retreat! Let's call this one v2.5?

Yeah, so bmonday.com v3.0 went over like a lead balloon with the fans (hey, nobody was more surprised than I was that I still have "fans" after going dark for nearly 2 months).  The problem with the new software was that all my old security articles and other useful posts were no longer accessible (yes, there have been some useful posts over the years, don't start with me).  I got quite a few emails from people asking me what happened to a couple of unique articles, like the one about getting OpenSSH to work on Windows. These articles were not easy...