Categories
privacy

Monster screw up at Monster.com

The story of user information being stolen on Monster.com has been in the news about a week now. I noticed that its starting to pick up steam with articles on the front page of major news sites and finally on the front page of the Money section in Sunday’s USA Today. There are two reasons why I wanted to comment on this story. First its nice to see these types of stories circulated within the major news providers. It’s unfortunate when any type of private information is leaked to malicious users but when that happens it’s nice to see the public clamor and highlight these types of stories. Secondly end users have to get more involved when it comes to controlling their personal information. When an incident like this happens contact the organization that has your personal information let them that loose controls over your private information isn’t kosher. This story hit home for me because I have my resume on their site, so I contacted them and let them know how I felt. You can also contact them here if you like. Even if this incident doesn’t involve your information you can voice your concerns. Also as a consumer you can take your business elsewhere. There are now plenty of other job boards where you can post your information. Monster.com is no longer the monopoly they once where. As a matter of fact my last job was secured through CarrerBuilder.com, so I encourage others to use services that value your personal information.

Amado Hidlago of Symantec has written a nice technical article explaining what happened and how it may effect you.

Categories
http privacy

Tunneling HTTP thru SSH

The purpose of this tutorial is to give a quick, concise overview of how to secure your communications through a non-trusted or insecure channel. You could also use this tutorial to evade organizational firewalls and web filters but, I am more concerned about keeping my communications private rather than evading organizational filters. I have seen other tutorials that show how to accomplish tunneling http traffic over SSH but not in a very simple manner, so I hope this tutorial will accomplish this goal as well as help others. As always your feedback is welcome, either by commenting on this article or via my contact form.

Categories
network security privacy

ARP spoofing 101: Trust your LAN?

At home you’re fully aware of the hosts/people that are on your network, or at least you should be. Friends and family are usually trustworthy people and you don’t have to worry about them carrying out malicious activity, but what if you aren’t sharing the LAN (Local Area Network) with people you can trust? This article will explain why untrusted LAN’s can be dangerous and what users/admins can do to protect themselves.