Free Post encryption Do browsers tell us enough about secure connections? We've all grown used to checking for 'https' in the address bar of our browser and making sure that we have the little padlock indicator to assure us that the connection is secure. The only problem I find with these...
Free Post CloudFlare CloudFlare's great new features and why I won't use them CloudFlare have recently announced two great new features in the form of Keyless SSL [https://blog.cloudflare.com/announcing-keyless-ssl-all-the-benefits-of-cloudflare-without-having-to-turn-over-your-private-ssl-keys/] and Universal SSL [https://blog.cloudflare.com/introducing-universal-ssl/]. Despite the fact that Keyless SSL addresses some of the concerns I outlined in my previous blog...
Free Post Qualys Squeezing a little more out of your Qualys score Not so long back I published a blog on Getting an A+ rating on the Qualys SSL Test [https://scotthelme.co.uk/a-plus-rating-qualys-ssl-test/], which I recently updated to keep in line with the latest requirements on RC4 ciphers and SHA1/SHA256 certificates. Since then,...
Free Post HSTS HSTS Preloading HSTS is the great little response header that tells a browser to always use SSL/TLS to communicate with your site. It doesn't matter if the user, or a link they are clicking, specifies HTTP, HSTS will remove the ability for a...
Free Post WordPress Goodbye WordPress, hello Ghost! I've recently migrated my blog from WordPress to Ghost and I have to say it's awesome! It's faster out of the box than my heavily optimised WordPress install, much more simple to use and very, very clean. I&...
Free Post DDoS DDoS attacks, the plague of the Internet Distributed Denial of Service (DDoS [https://scotthel.me/f8g7]) attacks have gained fame in recent years after becoming an effective tool for hacktivist groups such as Anonymous and LulzSec. What exactly are these attacks, how are they carried out and how can websites hope...
Free Post encryption SSL does not make a site secure! Following Google's recent announcement that they will start rewarding websites that use SSL/TLS with a boost in their search rankings, I've seen a lot of comments being thrown around about how it's great that secure websites will...
Free Post Encrypted Email Encrypted email on your Android phone In a previous blog I covered setting up encrypted email on Windows using OpenPGP and Thunderbird. In this blog I'm going to cover setting up encrypted email in Android using K9 Mail and Android Privacy Guard (APG). Getting setup on Android is...
Free Post Email Setting up encrypted email is easy, here's how! A year on from the first Snowden revelations and the landscape is starting to shift. People are taking encryption and privacy more seriously and technology companies are shifting towards more secure systems. To follow that trend I've decided to setup encryption for...
Free Post data leak HotelHippo Insecure, so I've herd I recently had the pleasure of booking a night away from it all at a nice little hotel in the Lake District. As I'm sure most people with an interest in security do, I couldn't help but shudder at the...
Follow