Would You Entrust Your Data to These Yokels?

Thursday, December 31st, 2009

You have asked Firefox to connect securely to www.delldatasafe.com, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. www.delldatasafe.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)

If Dell can’t even manage their public key certificates, how can I trust them to keep my data safe and secure?
(more…)

Posted in Security, Windows | 10 Comments »

Verifying SSH Host Fingerprints

Tuesday, January 10th, 2006

If you use ssh you’re familiar with this message:

~$ ssh rich.elharo.com
The authenticity of host 'rich.elharo.com (192.168.254.36)' can't be established.
RSA key fingerprint is 5a:65:0f:5f:21:bb:fd:6a:5a:68:cd:62:58:5d:fb:9f.
Are you sure you want to continue connecting (yes/no)?

If you’re like me, you regularly just type yes and continue without much thought:

Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘rich.elharo.com,192.168.254.36’ (RSA) to the list of known hosts.

But is that really safe? (more…)

Posted in Security | 6 Comments »