Chester Wisniewski
815 followers
Chester's posts

Post has shared content
Excellent summary of privacy/security risks of connected convenience by +Paul Wagenseil​

Post has shared content
I love Fiscal the Fraud Fighting Ferret... In fact, I WAS Fiscal for a short time in Gold Coast, Queensland, Australia last week.

Post has shared content
Storing passwords, a brief recap:

* 1990: Just put them into a database.
* 1995: You gotta MD5 those bro, plain-text is not good.
* 1996: I heard MD5 is no good anymore, better SHA-1 those.
* 1997: Better add a sleep delay to slow down brute-forcing through remote connections.
* 1998: Add a salt, bro, beware of dictionary attacks. One per database should be enough.
* 2000: Sorry, I meant a unique salt per password. There is this thing called rainbow tables now.
* 2005: SHA-1 is broken too now, we need to migrate to SHA-256.
* 2010: Forget about SHA-256, we need to deal with GPU crackers now. Let's just key-stretch for now.
* 2014: Our homegrown key-stretching algorithm turned out to be a massive failure. Let's just switch to scrypt.
* 2015: OK, our data at rest is safe (for now) but our user passwords still made it to pastebin because we decrypt everything in RAM and hackers dumped everything from there.

COMPUTERS WHYYYYYYYYYYYYYYY

Post has shared content
#TBT: Take a gander at this vintage job ad for Sophos... Circa October 1988, published in Daily Information for Oxford University.

FYI, this position has been filled. ;-) But we have other opportunities that I have opened up since: https://www.sophos.com/careers

Post has shared content
SophosLabs researcher Gabor Szappanos is at it again, with new research exploring and explaining the mechanics of an intriguing malware construction kit developed in Russia and available in underground cybercrime markets, Microsoft Word Intruder (MWI). Read more: http://soph.so/RHHKE 

Post has shared content
Who knew the shell could be so dirty?
Only people who play with the terminal will understand ;)

Post has shared content
I don't usually overtly promote Sophos stuff, but I am in love with the #Sysmas campaign. Anyone who has ever worked in IT can empathize.

Post has shared content
Brace yourselves, the ultimate IT throne is coming... And you could win it.

Find out how here: http://soph.so/zjF3V #SophosSysmas #SysAdminDay

The Xbox One seems to only be partially baked. Feels like a rush job.

Post has attachment
Is there a better way to celebrate Autumn than fresh sourdough and some spiced cider?