since 1999

The Rietta Blog

01/12/2017

The MongoDB hack and the importance of secure defaults

If you have a MongoDB installation, now would be the time to verify that it is secure. Tim Kadlec has written a must-read post.


12/01/2016

CPU Benchmark - Raspberry Pi vs AMD Athlon vs Mac Mini

In a battle of the CPUs, the Raspberry Pi does not win, the AMD Athlon 3200 still holds its own after nine years, and the modern Intel Core i5 beats them both, as would be expected. They all still have a use in the home systems lab!


11/02/2016

28th Anniversary of the Morris Internet Worm


10/22/2016

Rails: Set Max Length on Fields


05/10/2016

Bad Password Practices are Responsible For Most Data Breaches. You Can do Better.

Verizon DBIR says 61% of data breaches are the result of bad password practices. Your app can avoid some of the pitfalls with a few precautions, especially using slow hashes and 2FA.


04/22/2016

Calls to Ban Effective Encryption Continue Despite Data Breach Crisis

Calls for the U.S. Congress to ban effective encryption are repeated despite the current information security crisis in which data breaches are regular news.


04/08/2016

U.S. Senate Bill Seeks to Ban Effective Encryption, Making Security Illegal

Senators Feinstein and Burr published a bill in the United States Senate that would effectively ban effective encryption. This bill essentially says you cannot have any conversation or data exchange that the government cannot access if it wants to.


03/16/2016

It is not just one iPhone, the FBI wants a future where it is impractical to deploy strong encryption without key escrow

The FBI wants a future where it is illegal or impractical to deploy strong encryption without key escrow, which is a key backup system that is insecure at scale. Data breach risks will increase as our devices become less secure.


02/05/2016

What is the difference between bcrypt and SHA256?

TL;DR: SHA1, SHA256, and SHA512 are all *fast hashes* and are bad for passwords. BCRYPT is a *slow hash* and is good for passwords. Always use slow hashes, never fast hashes.


10/15/2015

Ruby Application Security Talk Featured in Ruby Weekly Issue # 268
