Below is a collection of blog posts written by our in-house SSL/TLS and security experts, along with posts from guest authors we invite every so often. You will also find guides for installation and configuration, best practices for securing your systems, fixes for common problems, and updates on the industry.
Do you use the same password for everything? If so, this article is for you. Your passwords are the digital keys to all of your information: your banking details, contacts, messages, photos, address, and more. They hold a great deal of power in protecting our personal information, yet most people, probably including yourself, have a…
FIPS (Federal Information Processing Standards) is a set of requirements issued by NIST to centralize and standardize the ways in which the US government manages the risks associated with securing and transporting sensitive information. FIPS came into existence as part of the larger FISMA legislation in 2002 and quickly became a commonly imitated framework for information security in…
Full Disk Encryption (FDE) refers to the practice of encrypting a device (laptop, cell phone, etc.) at rest. Decryption is performed at boot time, relying on user input, a cryptographic key stored in hardware, or a combination of both. FDE is an important part of defense in depth, because the protection schemes employed by typical operating systems are only enforced while the operating system is running.…
It can be very difficult to bridge the gap between the theoretical and the practical. This is a pattern I've seen repeat itself again and again throughout my career: someone might be very technical and very familiar with encryption, but when it comes time to solve a real-world business problem as a developer or a systems administrator, that knowledge doesn't always translate into something defen…
PBKDF2, defined in RFC 2898, is a specific Key Derivation Function (KDF). A KDF is any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic operations (e.g., AES). This approach turns out to be extremely handy for a variety of use cases. However, it is not without its flaws. …