Stories by Ian Paul

NSA whistleblower Edward Snowden plans to work on easy-to-use privacy tools

By Ian Paul | 21 July, 2014 23:56

NSA whistleblower Edward Snowden doesn't yet know whether he'll be spending the next year in a U.S. prison or an undisclosed location in Russia. Nevertheless, Snowden hopes to work on anti-surveillance technologies in the future.

Edward Snowden: Dropbox is 'hostile to privacy'

By Ian Paul | 19 July, 2014 01:08

Dropbox is a very popular cloud storage service, but NSA whistleblower Edward Snowden is no fan. In a recent interview with The Guardian, Snowden called Dropbox a "targeted, wannabe PRISM partner" that is "very hostile to privacy."

How to create an anonymous email account

By Ian Paul | 16 July, 2014 03:24

A reader recently asked me how they could use aliases in to create an anonymous email account. My answer was simple: you really can't.

Five questions to answer before paying for a VPN

By Ian Paul | 25 June, 2014 03:24

If you work on a computer or mobile device away from home, you probably use Wi-Fi hotspots in hotels, cafés, restaurants, airports, or on campus. The problem is, there is no way to know exactly how secure those networks are.

In Pictures: The 8 scariest digital security stories of 2014 (so far)

By Ian Paul | 24 June, 2014 08:14

The year's only halfway done, but hackers have already filled enough headlines to last a decade.

Two months later, Heartbleed patching stalls with 300,000 servers still vulnerable

By Ian Paul | 24 June, 2014 00:23

The Heartbleed bug may be a devastating flaw still affecting thousands of websites, but efforts to patch any remaining systems are effectively over.

Google Chrome's experiment with killing URLs appears to be on hold

By Ian Paul | 11 June, 2014 23:29

Google appears to be backing away from its somewhat controversial experimental feature for the Chrome browser that hid full web addresses from users. Dubbed the Origin Chip, the new feature condenses the web address of the page you're viewing into a small tile on the far left of Chrome's address bar.

Google's Chrome Gmail encryption extension hides NSA-jabbing Easter Egg

By Ian Paul | 06 June, 2014 00:59

Google is famous for its Easter Eggs, including web pages that do barrel rolls or blink or hide video games--but rarely do Google's bits of fun take a political tone. Showing just unhappy the company or at least its engineers are with the National Security Agency's surveillance activities Google included a jab at America's spooks in a new Chrome browser extension.

So long, TrueCrypt: 5 alternative encryption tools that can lock down your data

By Ian Paul | 31 May, 2014 03:09

Open-source legend TrueCrypt may be gone, but the usefulness of full disk encryption carries on. So what's a crypto fan to do now for their encryption needs?

A beginner's guide to BitLocker, Windows' built-in encryption tool

By Ian Paul | 31 May, 2014 00:54

The creators of TrueCrypt shocked the computer security world this week when they seemingly ended development of the popular open source encryption tool. Even more surprising, the creators said TrueCrypt could be insecure and that Windows users should migrate to Microsoft's BitLocker. Conspiracy theories immediately began to swirl around the surprise announcement.

Apple hints password reuse, not iCloud hack, at heart of locked iDevice ransom attacks

By Ian Paul | 29 May, 2014 01:54

Apple says an iCloud breach is not to blame for the recent spate of iOS devices held hostage by malicious actors via Apple's Find My iPhone service. Many users in Australia and several other countries have reported being locked out of their iDevices by a third party who demanded $100 to return control of the iPhones and iPads to their rightful owners.

Cookies open Wordpress accounts to easy hijacking

By Ian Paul | 28 May, 2014 02:37

If you're a user you'll want to be extra cautious the next time you're tempted to whip up a blog post from your local coffee shop. If anyone on the same open connection is using a networking sniffing tool like Firesheep, your account could be easily hacked.

Get two-factor authentication on the desktop with Authy

By Ian Paul | 22 May, 2014 04:10

One of the best security precautions you can take to protect your online accounts is to enable two-factor authentication on any service that supports it. This requires you to enter a short, one-time code to access your online accounts after you've entered your password.

Regain your privacy with these 3 browser add-ons

By Ian Paul | 10 May, 2014 01:42

With so many advertisers, social networks, and other companies interested in your data, it's pretty hard to stay private online these days. But don't reach for that tinfoil hat just yet! There are a few tools that can help privacy-conscious users shake privacy-smashing trackers off their tails.

One month later, hundreds of thousands of servers still vulnerable to Heartbleed

By Ian Paul | 10 May, 2014 01:35

One month after the Heartbleed bug put Web security on notice, more than 300,000 servers worldwide are still vulnerable. That's the word from Errata Security's Robert Graham, who came to that number after scanning millions of Web servers on Internet port 443, which is used for TSL/SSL communication.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

SECURE Email Gateway

Clearswift SECURE Email Gateway is an effective and resilient email gateway for 50 to 50,000 users.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.