Information Security Weekly Newsletter - Wednesday, May 27, 2015

Top new questions this week:

What is Logjam and how do I prevent it?

I heard there is a "new" TLS vulnerability named Logjam, what does it do and how do I prevent it?

tls diffie-hellman  
asked by Arperum 58 votes
answered by Thomas Pornin 70 votes

Is full disk encryption on a server in a secure data center pointless?

I am having a debate with several people regarding how much protection full disk encryption provides. dm-crypt is being used to encrypt data which is required by my company to be encrypted at rest. ...

encryption linux disk-encryption dm-crypt  
asked by user4755220 33 votes
answered by Stephane 55 votes

Why do you need to close your browser window after logging out of a website?

I might be wrong, but I believe the request to close the browser window after logging out is common, though it's completely unclear what the risks might be of failing to close a browser window ...

web-browser session-management safe-browsing  
asked by blunders 28 votes
answered by Steve DL 27 votes

Why is writing zeros (or random data) over a hard drive used when writing all ones is more beneficial?

As far as I know, in order to securely delete the hard drive's contents, one should fill it with zeroes or, for added security and harder recoverability, random data first and then all zeroes. In ...

storage deletion data-recovery  
asked by Serban Razvan 17 votes
answered by LvB 20 votes

How do Travel Sentry locks work? (supposedly openable only by security agencies)

Apparently Travel Sentry locks can only be opened: by their owner, by the TSA, CATSA and "other security agencies". How do they work technically? Is there some electronics embedded with ...

authentication physical padlocks  
asked by Nicolas Raoul 16 votes
answered by Jeff Ferland 22 votes

Server for School Coding Assignments

An introductory C++ course is offered every year in our university. In order for students to code in C++ and submit their assignments, we give them shell access to a Linux server. They use ssh to log ...

access-control shared-hosting privilege-escalation  
asked by Soban 16 votes
answered by Steve DL 28 votes

PayPal encrypted with obsolete cryptography

My Chrome just complained from PayPal's security, similarly to this issue: Google Chrome "Your connection to website is encrypted with obsolete cryptography" The identity is verified, but ...

encryption tls certificates paypal  
asked by cburatto 14 votes
answered by Tom Leek 22 votes

Greatest hits from previous weeks:

XKCD #936: Short complex password, or long dictionary passphrase?

How accurate is this XKCD comic from August 10, 2011? I've always been an advocate of long rather than complex passwords, but most security people (at least the ones that I've talked to) are ...

cryptography passwords entropy  
asked by Billy ONeal 640 votes
answered by AviD 600 votes

How do I use "openssl s_client" to test for (absence of) SSLv3 support?

In order to mitigate the "Poodle" vulnerability, I'd like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I've done this?

tls openssl  
asked by Roger Lipscombe 36 votes
answered by P4cK3tHuNt3R 45 votes

Can you answer these?

How to encrypt and authenticate large amounts of data with NaCl

In a current project the NaCl-library crypto_box function has been used to encode and crypto_box_open to authenticate and decode data. However the library does not seem to support de- / encoding of ...

encryption c  
asked by Lukas 2 votes

MySQL BACKRONYM (CVE-2015-3152) only affects MySQL client?

I read the CVE-2015-3152 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152) named BACKRONYM (http://backronym.fail/), and what I understood (ELI5 style) was the following: Attacker ...

tls exploit mysql cve  
asked by Jhuliano Moreno 1 vote

When do shared disks "leak" data to other VMs, and how is that mitigated?

Inspired by this answer, I would like to know what are some common threats and mitigation techniques used to prevent one VM from leaking data to another via the shared storage infrastructure. ...

disk-encryption virtualization risk-management bitlocker azure  
asked by LamonteCristo 5 votes