encryption

drag2share: Security Researchers Prove That Dropbox Can Be Hacked

source: http://feedproxy.google.com/~r/businessinsider/~3/bsh7YBL3bks/researchers-prove-dropbox-can-be-hacked-2013-8

Drew Houston

Two security researchers blew by Dropbox’s security features, gained access to private user files and published a paper that explained how they did it.

Their goal was to get Dropbox to create an open source version of itself, which means that anyone could look at its code and verify that the service is secure.

“Dropbox will/should no longer be a black box,” the researchers, Dhiru Kholia of Openwall and Przemysław Wegrzyn of CodePainters, wrote in their research paper.

There’s a few interesting things about this Dropbox take-down. One is that, after Dropbox was hacked about a year ago, it added security features to protect users and make Dropbox more appealing to paying customers like enterprises.

For instance, it added encryption and something called “two-factor authentication” which makes users take extra steps to log into a Dropbox account.

The researchers disabled both of those protections.

More importantly, they “reverse engineered” the portion of Dropbox that runs on a user’s computer. That means they looked at Dropbox’s programming code. They shouldn’t have been able to do that. Dropbox was written in Python using techniques that prevent reverse engineering.

There are a lot of cloud services using Python and these same techniques. This means they a! ll could be at risk.

Ultimately, the researchers want to make Dropbox safer. They are hoping others will help them build a secure, open source method for using Dropbox. This would be freely available for Dropbox to adopt, if it wanted to.

Dropbox says that this research doesn’t really put anyone’s accounts at risk. A spokesperson gave us this statement:

“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe. However, we believe this research does not present a vulnerability in the Dropbox client. In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”


drag2share – drag and drop RSS news items on your email contacts to share (click SEE DEMO)

Tags: , , , , , , , , , , , , , , , , ,

Thursday, August 29th, 2013 news No Comments

10 valuable Google Analytics custom reports

Source: http://econsultancy.com/us/blog/62271-10-valuable-google-analytics-custom-reports-2

Track the effect of (not provided)

Google’s decision to encrypt search referral data means that many sites now have a lot less to work with when tracking SEO keywords, and Econsultancy is no different.

In fact, as with other IT and tech related sites, we have been hit harder than others, to the extent that more than 40% of our organic search referrals are (not provided).

The rise of (not provided) on Econsultancy.

With this encryption spreading to Firefox and iOS6, this trend is set to continue.

Thanks to Avinash Kaushik’s custom report, you can moan about the impact to other marketers, backed up by accurate data.

Google https Change Impact

Time of day report

This one comes from Dan Barker, who answered my Twitter question about tracking posts by publish time with a fully formed custom report, thus saving me loads of time.

Using this you can see which days of the week are most popular, and use the data to experiment with your publishing schedule:

 

GA time of day report

Time of day report for ecommerce

This one also comes from Dan Barker, and does much the same as the previous custom report, but is aimed at ecommerce sites.

It shows transaction metrics on top of the traffic stats by time of day and day of week.

 

Time and ecommerce report

Better AdWords

This report was suggested by Brian Clifton in the Google+ discussion on this post. I’ve added this to replace the Google Images traffic report, which doesn’t work.

This  combines Adwords acquisition data with revenue data under one roof, and saves you going back and forth between different reports.

 

Better Adwords report

Keyword analysis

This report looks at your most popular keywords (minus the ones that Google isn’t telling you about) and shows visitor metrics, conversion rates, goal completions and page load time.

Other tabs also show engagement and revenue metrics.

Keyword analysis report

Keyword analysis report

Non-branded keywords

This report strips out the branded keywords and shows visits, goal completions and revenue.

You’ll need to go in and edit the report to exclude your own branded keywords. In this case, I’ve excluded ‘econsultancy’ but I should also remove the various spellings and hyphenated versions:

 

Non-branded keyword report

Browser report

This report shows how different browsers are working for your site in terms of visits, revenue, bounce rates and purchases.

It’s also a good way of picking up potential problems. If bounce rates are especially high for one kind of browser there may be an issue with the way your site looks in Internet Explorer, Safari etc.

 

Browser report

Should I go mobile?

This one is from Lens 10, and aims to answer the question above.

You can judge from metrics such as pages per visit and goal completion rate and decide whether a mobile site is ready. The answer is very probably yes for most sites.

 

Should I go mobile? report

Referring sites report

Thanks to Anna Lewis from Koozai for this one, which shows referring sites alongside goal completions and conversion rates.

 

Referring sites report

Link analysis report

This one, from SEObook, helps you to see which of your inbound links are sending the most valuable traffic, showing visits, goal completions and more.

 

Link analysis report

Do you have any other useful custom reports to share? Please let us know below…

Tags: , , , , , , , , , , , , , , , ,

Thursday, March 7th, 2013 news No Comments

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Source: http://www.engadget.com/2012/06/12/dell-vostro-line-ivy-bridge-cpus-optional-4g-lte/

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Dell’s Vostro line of entry-level business notebooks is next up to receive the good ‘ol Ivy Bridge update. Today the company is announcing the Vostro 3360, 3460 and 3560 laptops, in 13-inch, 14-inch and 15-inch sizes, respectively. All models will be configurable with either second- (Core i3) or third-gen (Core i5 or Core i7) Intel CPUs along with several graphics options and up to 8GB of RAM. And let’s not forget those business features: fingerprint readers, file and folder encryption and security software are available on all three models. The Vostro 3360 and 3460 will also offer optional 4G LTE mobile broadband.

Getting more specific, the $649 Vostro 3360 measures 0.76 inches thick, weighs 3.67 pounds and comes standard with a 320GB hard drive spinning at 7,200RPM (a 750GB configuration and an optional 32GB SSD are also available). Starting at $599, the 4.92-pound Vostro 3460 comes with the same processor options and is available with NVIDIA GeForce GT 630M graphics and up to a 7,200RPM, 750GB hard drive coupled with a 32GB SSD. Unlike the 3360, the 14-incher comes with a backlit keyboard and includes an optical drive. Lastly, there’s the 15-inch, 5.75-pound Vostro 3560, which can be configured with AMD Radeon HD 7670M graphics and a 1920 x 1080 display (you get the same storage options as the 3460, along with the same backlit keyboard and optical drive). The Vostro 3560 is currently on sale for $599 on Dell’s website, while the 3360 and 3460 will be available on June 21st. Head past the break for more photos and the full press release.

Gallery: Dell Vostro 3360, 3460 and 3650 hands-on

Continue reading Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE originally appeared on Engadget on Tue, 12 Jun 2012 09:00:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceDell  | Email this | Comments

Tags: , , , , , , , , , ,

Tuesday, June 12th, 2012 news No Comments

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Source: http://www.engadget.com/2012/06/12/dell-vostro-line-ivy-bridge-cpus-optional-4g-lte/

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Dell’s Vostro line of entry-level business notebooks is next up to receive the good ‘ol Ivy Bridge update. Today the company is announcing the Vostro 3360, 3460 and 3560 laptops, in 13-inch, 14-inch and 15-inch sizes, respectively. All models will be configurable with either second- (Core i3) or third-gen (Core i5 or Core i7) Intel CPUs along with several graphics options and up to 8GB of RAM. And let’s not forget those business features: fingerprint readers, file and folder encryption and security software are available on all three models. The Vostro 3360 and 3460 will also offer optional 4G LTE mobile broadband.

Getting more specific, the $649 Vostro 3360 measures 0.76 inches thick, weighs 3.67 pounds and comes standard with a 320GB hard drive spinning at 7,200RPM (a 750GB configuration and an optional 32GB SSD are also available). Starting at $599, the 4.92-pound Vostro 3460 comes with the same processor options and is available with NVIDIA GeForce GT 630M graphics and up to a 7,200RPM, 750GB hard drive coupled with a 32GB SSD. Unlike the 3360, the 14-incher comes with a backlit keyboard and includes an optical drive. Lastly, there’s the 15-inch, 5.75-pound Vostro 3560, which can be configured with AMD Radeon HD 7670M graphics and a 1920 x 1080 display (you get the same storage options as the 3460, along with the same backlit keyboard and optical drive). The Vostro 3560 is currently on sale for $599 on Dell’s website, while the 3360 and 3460 will be available on June 21st. Head past the break for more photos and the full press release.

Gallery: Dell Vostro 3360, 3460 and 3650 hands-on

Continue reading Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE

Dell Vostro line gets Ivy Bridge CPUs, optional 4G LTE originally appeared on Engadget on Tue, 12 Jun 2012 09:00:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceDell  | Email this | Comments

Tags: , , , , , , , , , , , , , , , , , ,

Tuesday, June 12th, 2012 news No Comments

Encrypting Your Hard Drive No Longer Works Against Federal Prosecution [Law]

Source: http://gizmodo.com/5878709/encrypting-your-hard-drive-no-longer-works-against-federal-prosecution

Encrypting Your Hard Drive No Longer Works Against Federal ProsecutionSometimes common “street smarts” fail you. Like when you ask the guy who’s selling you drugs if he’s a cop. Or when you encrypt your hard drive and refuse to unlock it for prosecutors while citing the self-incriminating clause of the Fifth Amendment.

A federal court judge has just ruled that being forced to decrypt one’s hard drive during prosecution does not violate the defendants’s Fifth Amendment rights. The ruling stems from a case against Ramona Fricosu, who is charged with mortgage fraud. She has refused to decrypt the contents of her hard drive arguing that doing so would require her to essentially testify against herself.

Nuh-uh, said judge Robert Blackburn, citing an earlier ruling against one Sebastien Boucher. In that case, the courts decided that, while Boucher’s encryption password was certainly protected, the information on his drive could be considered evidence in the case and was therefore not subject to the same liberties.

“I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer,” Blackburn wrote in his opinion today. He also cited the All Writs Act, a 1789 statute, could be invoked as well to force Fricosu’s compliance.

Friscosu has until February 21 to comply or face contempt of court charges. Geez, it’s getting to the point that your secrets are better left on microfilm in pumpkin patches rather than on your hard drive. [CNet via The Verge]

Image – Tatiana Popova / Shutterstock


drag2share – drag and drop RSS news items on your email contacts to share (click SEE DEMO)

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Tuesday, January 24th, 2012 news No Comments

Popular Posts – Week Ending March 19, 2010.

HP Mini 311 Nvidia ION Netbook Hackintosh’ed

Facebook advertising metrics and benchmarks

What is Web 3.0? Characteristics of Web 3.0

social media benchmarks

Samsung 52 inch HDTV $9.99 at BestBuy – purchase receipt below (6:21a eastern time August 12, 2009)

1024-bit RSA encryption cracked by carefully starving CPU of electricity

How to manufacture a viral video sensation and make viral profits – Post 2 of 2

What can search volume tell you?

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Tuesday, March 23rd, 2010 digital No Comments

1024-bit RSA encryption cracked by carefully starving CPU of electricity

Source: http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/

Since 1977, RSA public-key encryption has protected privacy and verified authenticity when using computers, gadgets and web browsers around the globe, with only the most brutish of brute force efforts (and 1,500 years of processing time) felling its 768-bit variety earlier this year. Now, three eggheads (or Wolverines, as it were) at the University of Michigan claim they can break it simply by tweaking a device’s power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password. With a small cluster of 81 Pentium 4 chips and 104 hours of processing time, they were able to successfully hack 1024-bit encryption in OpenSSL on a SPARC-based system, without damaging the computer, leaving a single trace or ending human life as we know it. That’s why they’re presenting a paper at the Design, Automation and Test conference this week in Europe, and that’s why — until RSA hopefully fixes the flaw — you should keep a close eye on your server room’s power supply.

1024-bit RSA encryption cracked by carefully starving CPU of electricity originally appeared on Engadget on Tue, 09 Mar 2010 02:47:00 EST. Please see our terms for use of feeds.

Permalink p://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/“>The Register, TechWorld  |  sourceUniversity of Michigan  | Email this | Comments

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Tuesday, March 9th, 2010 news 1 Comment

Dr. Augustine Fou is Digital Consigliere to marketing executives, advising them on digital strategy and Unified Marketing(tm). Dr Fou has over 17 years of in-the-trenches, hands-on experience, which enables him to provide objective, in-depth assessments of their current marketing programs and recommendations for improving business impact and ROI using digital insights.

Augustine Fou portrait
http://twitter.com/acfou
Send Tips: tips@go-digital.net
Digital Strategy Consulting
Dr. Augustine Fou LinkedIn Bio
Digital Marketing Slideshares
The Grand Unified Theory of Marketing