Examples similar to a digital certificate are the CNPJ, RG, CPF and driver’s license of a person. Each contains a set of information that identifies the institution or person and authority (for these examples, public organizations) that guarantees its validity.

Some of the key information found in a digital certificate are:

• data that identifies the owner (name, identification number, status, etc.);
• name of the Certification Authority (CA) that issued the certificate;
• the serial number and the period of validity;
• the digital signature of the CA.

The goal of the digital signature on the certificate is to indicate that another person (Certification Authority) ensures the accuracy of the information contained therein.

What and Certification Authority (CA)?

Certification Authority (CA) and the entity responsible for issuing digital certificates. These certificates can be issued for various types of entities, such as person, computer department of an institution, institution, etc..
Digital certificates are a form of electronic signature of the CA that issued it. Thanks to his reputation, the AC and generally recognized by all as confident, playing the role of “Electronic Notary”.

What examples can be cited on the use of certificates?

Some typical examples of the use of digital certificates are:

• When you access a site with secure connection, such as access to your bank account via the Internet, and can check the site and really made the institution that claims to be, by verifying its digital certificate;

• when you query your database over the Internet, this has to make sure your identity before providing account information;

• When you send an important e-mail, your application e-mail you can use your certificate to “digitally” sign the message in order to assure the recipient that the email and your and that has not been tampered with between the sending and receipt.

Carla Sofia adores technology especially the technology LCD.Televisores LCD and see the Televisor Samsung LCD TV de 32 polegadas

Article Source:http://www.articlesbase.com/security-articles/what-you-should-know-about-the-digital-certificate-1785635.html

Most security problems involving e-mails are related to the contents of the messages, which usually abuse of social engineering techniques or characteristics of certain programs readers e-mail, so you can open files or run programs attached to messages automatically.

It is possible to configure a program reader e-mails more safely?

Yes Some setup tips to improve the security of your program reader e-mails are:

1. turn off the options to automatically open or run files or programs attached to the messages;

2. off the options to run JavaScript and Java programs;

3. off, if possible, how to view emails in HTML format.
These settings can prevent your program reader e-mails automatically spread viruses and Trojan horses, among others. Programs are readers of e-mails that do not implement these functions and therefore do not have these options.

It is important to emphasize that if the User follow the recommendations, but still
open the files or manually run the programs that come attached to emails, you may have a problem that would breach the security of your computer.

What preventive measures should adopt the use of programs readers e-mails?

Some preventive measures that minimize the problems brought to the e-mails are:

• always keep the latest version of your program reader e-mails;

• Do not click on links that, perchance, may appear in the content of the e-mail. If you really want to access the page with the link, type the address directly in your browser;

• Avoid open files or run programs attached to e-mails without first check them with a virus;

• always suspicious files attached to messages, even if they were sent by persons or entities known. The return address may have been forged and the attachment can be, for example, a virus or a trojan horse;

• download programs directly from the manufacturer’s website;

• Avoid using your program reader e-mails as a browser, switching the
viewing emails in HTML format.

Currently, Internet users have been bombarded with junk mail and, especially, with fraudulent messages and the purpose of obtaining financial advantage. Some examples are:

• messages offering large sums of money through an electronic transfer of funds;

• messages with offers of products with prices well below the prices charged by the market;

• messages that seek to induce the User to access a specific page on the Internet or install a program, open a photo album, see e-cards, etc., but whose real purpose and cause the user to provide personal and sensitive data, such as accounts banking, passwords and credit card numbers credit.

António Nogueira is a Civil Engineer and expert in Concrete. Visit Projetos de Engenharia and see the calculo estrutural

Article Source:http://www.articlesbase.com/security-articles/readers-mail-software-security-alerts-1785704.html

Remove Unused Programmes- We all tend to install number of programmes that can potentially be used in future. The programmes take large amount of space on the hard disk and eventually slow down computer processing. Very easy and effective way to deal with this problem is to go to Start-Settings-Control Panel- Add Remove Programs. This will open a window with a list of all current programs on you computer and frequency of use. Go through the list and start removing unused programs. This has significantly speed up my computer.

Remove Unneeded Files- If you are as big music and video fanatic as I am you will need this tip on how I have speed up my computer. OK, what is the problem with being music and video fanatic and how I managed to speed up my computer? I download lots of music and movies to my documents in neat filing system. Without even realising I had used almost 90% of the massive hard drive capacity. It slowed down my computer to an unbearable level. I friend of mine suggested that I get myself an external storage device (memory stick, rewrittable DVD or external hard disc) and move all my current filing system as well as download everything to the external storage device. You guess, I have speed up my computer and was able to use it again.

Defragment Your Computer- Difragmenting is very important because the computer saves parts of files in different locations and when opening or editing the file the more it is fragmented the longer it takes to process it and the computer becomes very slow. Follow these steps to defragment your computer: Start-Accessories-System Tools- Disk Defragmenter-Analyze. This will analyze the hard disk and inform you if it needs defragmenting. If it does click on Difragment. Depending on your disk size this action may take log time. It speed up my computer, it will yours too.

To learn more on how to speed up your computer download the free ebook “Step-by-Step- From Turtle to Rabbit Performing Computer”. You will learn exactly ho I improved my computer performance and saved, Click Here Now and kill the frustration.

Article Source:http://www.articlesbase.com/security-articles/how-to-speed-up-my-computer-how-i-have-speed-up-my-computer-for-free-and-you-can-speed-up-your-computer-too-1781234.html

The Trojan Horse of mythology was named after a huge wooden horse given to the city of Troy as a gift by the supposedly retreating Greek army.

The residents of Troy never were able to decline a gift horse and so they took it into their city, allowing the soldiers inside to sneak out at night and butcher them.

In more modern times a Trojan is associated with computing – it is a file that may appear at first to offer some benefit but ultimately goes on to cause some sort of damage.

The fact that a Trojan appears to be a useful file or application is what tricks users into installing it in the first place.

I would like to point out though that a Trojan is not a virus, even though many people do confuse the two – a Trojan cannot replicate itself like a virus does.

Once you have a Trojan on your system the consequences can be quite severe – they can access all sorts of files, create openings for hackers to create more mischief, allow personal data to be stolen and even change the way your web browser works.

For example, one of the latest Trojans (the Google Redirect Trojan) that has come to light is able to change the way search engine results are displayed, causing fake adverts to appear which earn money for the hackers when followed through.

Defending yourself against a Trojan isn’t so hard though you’ll be pleased to hear – just install one of the latest antivirus programs onto your system and keep it continually updated and you will be fairly safe.

Another good defence mechanism is a firewall which comes as standard on modern Windows installations – ensure it is switched on and unauthorised traffic into and out of your computer should be blocked.

Lastly, add in a pinch of the most vital ingredient – common sense – and don’t download anything from sites you don’t know or completely trust.

After all, a computer is only ever as secure as the dumb human who is operating it.

You can learn more about worms, viruses and Trojans on Lee Ives’ blog.

Article Source:http://www.articlesbase.com/security-articles/what-is-a-trojan-horse-1784592.html

Hack/Reset Windows XP, Vista, Windows 7 Administrator password:

Windows Key is popular windows password recovery software used to reset windows XP, Vista or Windows 7 administrator password. Simply, boot the system using Windows Key bootable CD or flash drive and you’re able to reset windows administrator password.

1. Free Download Windows Key software to reset windows administrator password.

2. The downloaded folder contains image file. Burn it to disc using any image burner software say Nero.

3. Now, when burning process is finished, you have bootable disc ready to hack/reset windows administrator password.

4. Restart your computer and boot via CD/DVD just created. Windows Key will start loading its files and show its interface like this:

5. Windows key will ask you to select the Operating system, account of which you wanna reset administrator password. You have to enter 1, 2 or such numbers corrresponding to your choice.

6. Finally, Windows key will display message “Password has been reset”. Now, press any key and computer will be restarted and now, you will be able to login to administrator account without any password. So, Windows key has removed or reset windows administrator password helping you to loging without any password.

Note: I have tested this on Windows XP, Vista and found this working perfect. The version I have provided doesn’t work on Windows 7. I will provide link for Windows 7 soon.

Thats it friends. You will be thus able to hack windows XP, Vista or windows 7 administrator password using this windows password recovery software. If you have any problem in using this Windows key software to hack / reset windows XP, Vista or windows 7 administrator password or if you have any other useful software to reset windows administrator password, please let me know by mentioning it in comments.

Enjoy n reset windows XP, Vista, Windows 7 administrator password…

Rajesh is currently pursuing BEIT (Information Technology). He interested a lot in blogging and computer tricks. He shares all his tricks and hacks at http://techotips.blogspot.com

Article Source:http://www.articlesbase.com/security-articles/hackreset-windows-xp-vista-windows-7-administrator-password-1774370.html

To start, shall we investigate what this Encrypted USB maker (and software reseller) promises – this straight from their splash page :

* FREE updates!
* Secure your files for only $39.99
* Create encrypted ‘Vaults’ on any type of storage device
* Save & manage all your passwords using the Password Manager
* Runs on all Operating Systems!  

In this article, we will inspect the promise that they do have the strongest encryption algorithm – PMC 512-bit (at least in the world of Encrypted USB Drives). The most reknowned encryption standard used in the Western World is the 256-bit AES encryption which is made up of three ciphers (or Encryption Algorithms) ; AES-128, AES-192 and AES-256 and each cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively.  This has shown to provide almost shatterproof encryption, and as such has been used by the US Military and Department of Defense.  

How will this differ from the method EncryptStick does this?  Here is what the PMC 512-bit Encryption would yield, yet this is not the agreed to standard in the Americas :

 In order to compare traditional cryptographic strategies with the Polymorphic – PMC 512-bit – technique, the total keyspaces must be compared.  As both methods are presumed to function on a 128 bit data key, this comparison is legal.  So, the polymorphic strategy beats any typical methodology by a factor of 3,913*10115 / 3,403*1038 = 1,150*1077 ( ).  This is larger than the number of atoms on our planet!  

It appears like this is a nice thing.  Based simply on the actual Encrypted USB techology, I’d venture to claim that this company may have hit it right on the head.  I am always one to want more protection, even if it is not obligatory.  And for the price, this is, so far, a great bargain!

I have been an IT Security Specialist, working as a freelance contractor for since the 90’s. Working in all facets of IT from Storage, Backup, to Administration and Security, I’ve noticed the requirement for Encryption, Protection and related technologies such as Encryption Protected USB drives. You wouldn’t believe how many easy DIY things you can do to help you in your everyday life with computers. I’m here to help!

Article Source:http://www.articlesbase.com/security-articles/pmc-512bit-encryption-1775463.html

There are many people who have lost their passwords Windows everyday.What we can do if we lost Windows password ? Here are five methods that can be used to recover windows password.

Method 1:
The first thing to check if you have lost your Windows password . When we installed Windows automatically creates an account “Administrator” and set the password blank. So if you forget your user account password, try the following:

System “Start” and when the loading screen Windows / Login screen, press Ctrl+ Alt+Del button twice, and it will show the classic logon dialog. Now type “Administrator” (without quotation marks), user name and password can be empty. Now press the enter key, and you should be able to connect to Windows.

Now you can change your password from “Control Panel -> User Accounts.

The same may be in Safe Mode. In Safe Mode Windows it is in the Administrator account construction exhibition in the Login screen.

Method 2:
Windows XP and later versions also provide another way for Windows Login Password recovery with the “hard reset”. When you create a password reset disk in the past, you can use this disk to reset passwords.

Method 3:
If the tips above do not work, try this trick, which is actually a vulnerability in the Windows XP Setup and serious security problem is the following:

A. boot from the installation CD-ROM, Windows XP, and follow the instructions on how to accept the license agreement, etc.

B. If it requires repair an existing installation of Windows, they are willing to accept and R buttons to complete the repair.

C. Repair and installation of windows starts copying files, reboot, etc.

D. After a few minutes to reboot the system setting when you reboot, and you do not press a key when it shows “Press any key to continue …” otherwise the installation will start from scratch. Do not press the button and resume the installation program, where he had left.

E. But others are beginning to show the problem and the progress bar with a little more on the left side.

Q. Watch carefully and if it says “Installing Devices” press Shift + F10 “key on your keyboard.

G. This MP to open a command prompt. Enter now nusrmgr.cpl and then press ENTER.

H. This MP to open the same “User Accounts” window that you see on the control panel.

Now I change my password or delete any circumstance, no problem.

Method 4:
Using the Windows Password Recovery tools.Windows password recovery tools are used to recover lost user and administrator passwords used to connect to the operating systems.Password recovery tools, often called “password cracking” tools because they violate too many passwords to hackers. Cracking legally your password Windows, of course, is a legitimate practice! There are many programs for Windows administrator password recovery or reimbursement of the user’s password, you can easily find on the Internet.

Method 5:
If nothing helps, you can simply install Windows and the creation of new accounts. To restore the lost data, you can data recovery on the network, but the chances as very low, in order to obtain new data.

Article Source:http://www.articlesbase.com/security-articles/five-methods-for-windows-password-recovery-1777523.html

Web applications have become the major hunting grounds for cyber criminals who quite rightly view them as low hanging fruit.  Just as building new motorways improves access for traditional burglars and car thieves, web applications’ internet accessibility literally delivers them to the hackers’ doors.

For some time now, cyber crime has simply been another arm of organised crime.  And organised crime is pouring a substantial portion of its vast resources into cyber crime … because the return on investment is very high.

Organised crime goes to great lengths to get its hands on any information – and the more confidential it is, the better.  Once they’ve hacked into an application, they can either make use of it themselves or sell it on to others.  They can also take control of the various resources such as servers and databases that house that information and turn a profit from that as well.

Having gained control of your computing power by exploiting vulnerabilities and adding code to your application, they add your power to their existing haul and create botnets – a global network of robots reporting to their master command-and-control node – which can be directed to attack other organisations, or sold to other criminals who, once they hold enough power, can orchestrate denial of service attacks.

No longer is it enough for these criminals to boast of their hacking prowess; these days it’s all about the money.  Given that a properly engineered denial of service attack is powerful enough to bring down pretty much any global multi-national corporation  or, in fact, any small country and take them off-line for the duration, this is not about bragging rights, it’s extortion.  It is money-motivated from start to finish.

Because all information and all computing power is grist to the mill for the criminals, no company is too small and certainly no company is too big to be targeted.  And as the security in large enterprises is often no better than small entities, size is truly no barrier to the criminals.

And no business can afford the consequences of a security breach.  At the very least, mismanaging confidential information almost always leads to reputational damage.  Reputational damage leads to departure of existing clients as well as difficulty attracting new business – a situation that can go on for many years. There are obvious bottom line implications to those consequences; in the most extreme cases, businesses can go under.

According to IBM’s X-Force 2009 Mid-Year Trend and Risk Report, the predominant risks to web applications are from cross-site scripting, SQL injection and file include vulnerabilities.

Cross-site scripting vulnerabilities occur when web applications do not properly validate user input, thus allowing criminals to embed their own script into a page the user is visiting.  This script can steal confidential information or exploit existing vulnerabilities in the users web browser. Cross-site scripting vulnerabilities are typically exploited in phishing attacks by sending users a malicious link to a page in a legitimate domain name via email. The criminals get high returns because users trust the familiar domain name they are visiting and thus trust the links (created by the criminals) therein.

SQL injection vulnerabilities are also about improperly validated user input, but in this case that input includes SQL statements that are executed by a database, giving attackers access to that database to read, delete and modify sensitive information (like credit card data) as well as embedding code into the database allowing attacks against other visitors to the web site.

File-include vulnerabilities occur when the application is forced to execute code from a non-validated remote source, allowing criminals to take over the web application remotely.  This category includes some denial-of-service attacks as well as techniques that allow criminals direct access to files, directories, user information and other components of the web application.

Facilitating all these kinds of attacks is the fact that many web sites contain some code to support various features and functions which inadvertently introduces vulnerabilities.

Russian roulette, anyone?

Sense of Security is Australia’s premier provider of a range of IT security and risk management solutions. Its services include IT security reviews, penetration testing, audit and PCI compliance. Sense of Security provides PCI compliance services through its team of QSA’s to many of the countries leading organisations.

Article Source:http://www.articlesbase.com/security-articles/how-could-web-application-insecurity-affect-me-1781322.html

Web application weaknesses are a major way that cyber criminals, working with hacking techniques, can steal sensitive data. With this data, nefarious crooks can affect companies and individuals alike; there is little distinction between Fortune 500 Companies and an end user with a credit card. They often just follow the path of least resistance.

Online data theft is not a game. While some hackers will brag about having breached the security of a web application and gained access to sensitive data, the criminals have money, not bragging rights in their cross-hairs. Extortion is sometimes the name of the game. If data can be held at ransom by thieves, depending on how sensitive the data is, they can demand a huge sum of money.

The ways that companies and individuals are affected by web application attacks are numerous. Imagine this “what if” situation. A large Fortune 500 company is attacked by an orchestrated attack and the credit card numbers are taken and held at ransom by an organized crime group. Word gets out and the Fortune 500 company under goes a huge investigation and security audit. The clients and customers of the company lose trust in the security of the company and start taking their business elsewhere. The company then starts losing revenue and the customers begin to find that their credit cards are being charged illegally. The credit card companies are involved and are losing money as well. Nobody is immune to these web application attacks, whether its large company or one individual.

As programmers design web applications to be more accessible and easy to use, often these features are targets for crime groups to attack. Programmers must protect their applications by following secure coding practices to filter out any attacks and create a safe place for their clients customers to do business.

One of the major ways hackers breach a web application are through SQL injection attacks. SQL injection attacks can be used to access sensitive data or do any number of destructive things to the data stored in the web application’s database. Cross-site scripting attacks are also prevalent. This attack occurs when malicious code is inserted and executed when a user loads an infected page. Denial of service attacks are also popular. This happens when the network hosting a web application is swamped with useless requests sent out by the criminals which creates so much traffic that the network or system crashes.

It’s a wild world out there…

Sense of Security will continue to focus and innovate as an Information Security leader to government, non-profit and commercial entities. Sense of Security has offices in Sydney and Melbourne and is expanding in 2010.

Article Source:http://www.articlesbase.com/security-articles/how-does-web-application-security-affect-me-1781691.html

The Secure Socket Layer, commonly known as SSL, represents the standard security technology used in online data encrypting. The SSL functions as an encrypting program for all communication between the server and the client’s web browser

What are “Phishing” and “Pharming”?

Phishing:-

The scam that uses spam (unsolicited e-mail) to lure consumers into disclosing sensitive personal information—such as social security numbers, account and routing numbers, credit card numbers, personal identification numbers, passwords, and other private data. The unsolicited e-mails will appear to be from a legitimate business and in most cases hackers will choose a business that you are familiar with, such as a financial institution, credit card company, or insurance company. The e-mail will often ask you to “update” or “validate” your billing information to keep your account active. To further entice you, hackers will even direct you to a web site that looks identical to the legitimate web site—with the same logos, colors, and designs. All of which is simply an attempt to get consumers to submit their personal information to the impostors, who then uses that personal data to commit identity theft.

Pharming:-

When criminal hackers redirect Internet traffic from one Web site to a different, identical-looking site in order to trick you into entering your user name and password into the database on their fake site. With this information, hackers will then be able to gain access to your bank accounts, steal your identity, or commit other kinds of fraud in your name. Pharming scams are considered more dangerous than e-mail phising, since you can be redirected to a false site without any participation or knowledge on your part. The false Web sites used in pharming scams usually “spoof” their links so that they look exactly like the ones you expect to see, even in the code that appears when you mouse over them. Signs of a potential pharming site include:

• The login process or page looks different from the legitimate site.
• You are asked for information, such as your social security number or date of birth which is not normally
  requested.
• The web site URL does not contain the prefix https://.
• Legitimate web sites that request confidential information such as usernames, password and credit card information will always encrypt the session with Secure Sockets Layer (SSL). Pharmed sites do not typically have SSL certificates. Look for the “padlock icon” in your browser and double click on the padlock to verify the SSL certificate.

Protect Your Web Site:-

An SSL Certificate added to your web site is an effective weapon against identity theft of personal data, phishing and pharming. If your customer accesses a web site that is posing as yours, your SSL Certificate (attached to your URL) causes the browser to instantly alert the customer that there is a problem with the “supposedly” secure connection. There will be no locked padlock icon in the bottom, right side of the browser’s status bar. The address field will not show an https:// with the URL that indicates a secure connection.

Though requesters for SSL Certificates are rigorously authenticated, the occasional pharming cyber criminal is going to get one. In such a case, the browser will warn the customer that the intended URL does not match the certificate presented by the fake web site. This allows your customers to immediately abandon their activities, keeping their information secure.

Nill Smith works for ClickSSL.com who specialize in SSL certificate as well as having informative tutorials on configuring SSL certificates on your web server. ClickSSL.com is a leading provider of RapidSSL, Thawte123, WildCard SSL Certificate and website security.

Article Source:http://www.articlesbase.com/security-articles/ssl-protects-online-transactions-it-protects-you-1770260.html