Posts Tagged ‘certificate’
6 Months of Security Links #2011
I’m a regular curator of daily links, and like to give overviews of my collection of curated links and posts. This is partly as there are some good sources and articles in here and as I am working on a research project which I started based on a number of books I read.
I’m sure you’ll find something interesting in the items below – there are some gems in the list – and I dare to hazard the guess you might learn something you wanted to know. 
OCSP Troubles #security #x509 #certificate #revoke
A company was having intermittent trouble with their new authenticated SSL, it wasn’t that they experienced trouble with the certificates, which came from a large international CA, or the authentication. There was a bug which caused the OCSP check on some certificates to fail. And after it had failed the first time for a certificate it would continue to fail for that certificate until the application server had been restarted. As this was a mission critical application for their customers between 8am-6pm they had taken to restarting the servers at 7am to ensure that there would be less issues during the day. This was obviously not a permanent solution so the vendor was called to fix the issue.
A catalog of this year’s risky articles #2010
Risk is something which can be difficult to evaluate for the average person, there is a lot of work which goes in to learning not to do the two things that people usually do when they are confronted with risk:
- Ignore
- Overreact
Facebook is the new Portal for Insurers and Banks #social #finance
It looks like every man and his dog needs to have a Facebook page, even banks…
@Google and @FaceBook battle over the back of @FriendFeed? #social #feedburner
It has been almost 1.5 weeks since Google’s FeedBurner removed the Frie…
Prosper allows loans to fund Kiva projects #microfinance
Some days ago I tweeted to Prosper, a personal loan marketplace, whether they…
Social Revolution – Do You Get It?
I don’t really think most people get “it” when it comes to …
Secret Google campaign against Hyves? #social #networking
Just noticed that Google Translate translates the name of the Dutch social ne…
Company Policy or People #hr
I find a 400 plus page manual of office policies and job descriptions for eac…
Social Media Syndication – Feedback Loop
In the last two days I’ve not been posting so much, and focussing on up…
Google Scribe – Ye Shall Know Them By Their Fruits #google
I started playing with Google Scribe and wanted to see if patterns emerged so…
@Google, please stop with the language! #google
I have my Google account set up with English as the preferred language, my br…
Did The LinkedIn Certificate Expire Again? #linkedin
For the last 2 years LinkedIn has been running a bad poor IT management depar…
Advert: Reserve your Agile/SCRUM Pack #scrum #agile
When I just started I too had trouble with getting all the items I required t…
GMail Quota and Statistics (follow-up) #google #gmail #dashboard
On August 11th 2007 I exceeded my GMail quota, I blogged about it here. At th…
More SMS banking by M&T #sms #bank #risk
Brian Szymanski send a reply to me concerning another bank implementing SMS b…
Solving the URL shortening problem #twitter #tweet
I don’t understand why url expansion after url shortening is such an is…
Is RevTrax violating FaceBook privacy policy? #facebook @RevTrax #privacy
I just read an article Web Coupons Know Lots About You, and They Tell in the …
China acquires more than China… #hacks
This morning/night China’s networks were sending rerouting messages to …
Implementation of Security #risk
The lack of trained and experienced computer security people working in small…
ING reveals names using account numbers #bank #risk
Last week I saw an episode of a popular Dutch Ombudsman program Kassa, they r…
Musing: Why can I fly solo?
After seeing a program about a lifecoach trying to find the time to get his p…
Image source Radio Nederland Wereldomroep
This year’s articles about programming #2010
In 2010 I was less focussed on programming articles on the blog than previous years, still I have managed to create some interesting articles with code in 2010. This is an overview of the activity:
Sync Web with Phone #html #javascript #scratchpad
Having some fun today with QR codes, JavaScript and the Google Analytics URL …
The Structure of a Daily Scrum #agile #scrum
The only questions that are asked in the Daily Scrum, aka Stand-Up, are: What…
Features I Still Miss in Mail #mail #email
UPDATE: GMail has introduced my number 3. YEAH! (Gmail introduces Priority In…
YouTube Channel Unsubscribe #bookmarklet
I like YouTube, and often subscribe to new channels and unsubscribe after a w…
PCI is nice (or what I do) #pcidss
Since I started working for my company I’ve been exposed to PCI DSS (Pa…
Solving the URL shortening problem #twitter #tweet
I don’t understand why url expansion after url shortening is such an is…
VeriSign PIP Browser Certificate workaround (PIN Request) #identity #openid
VeriSign – Personal Identity Portal is a OpenID provider with multiple …
Image source D’Arcy Norman
Did The LinkedIn Certificate Expire Again? #linkedin
For the last 2 years LinkedIn has been running a bad poor IT management department, this have been my headlines for the last two years:
I am so sure of LinkedIn’s incompetence, as with their product they won’t ignore a chance to punish their customers for wanting to use their services.
In about two hours we should know.
VeriSign PIP Browser Certificate workaround (PIN Request) #identity #openid
VeriSign – Personal Identity Portal is a OpenID provider with multiple factor identification: Password +
- Mobile Credential (phone or mail PIN)
- Account Information Card (can be used by applications such as Microsoft CardSpace)
- VeriSign browser certificate
- VeriSign Identity Protection (VIP) Credential (Physical Token)
As I have a browser certificate linked to my old browser and couldn’t login with my current browser I had to figure out a workaround when I don’t have the browser certificate: PIN Request. On the page that does the browser certificate request there is a hidden link to get a PIN send by mail or mobile, which you can find here.
Hope that helps you.
LinkedIn Certificate Expired Again! #linkedin
You would not believe it, last year today I wrote the article: LinkedIn Certificate Expired. And today it happened again, this time it’s not in a weekend.
http://www.linkedin.com uses an invalid security certificate.The certificate expired on 06/07/2009 19:41.
(Error code: sec_error_expired_certificate)
Will they learn from this for next year?
Thanks to Ali for the heads up!
Technorati Tags: business, risk, calendar, linkedin, networking, security, pki, certificate
LinkedIn Certificate Expired
For all you LinkedIn users, have you noticed that you can’t login or re-authenticate? This is because the Security Certificate expired today.
http://www.linkedin.com uses an invalid security certificate.The certificate expired on 06/07/2008 08:53.
(Error code: sec_error_expired_certificate)
It’s easy to call the guys from LinkedIn, which has Got A Billion Dollar Valuation and collected 53 million in the last round of funding, stupid.
This is a business risk, to mitigate this a simple calender item could be created which alerts at least a week before expiration. Naturally it would be better to have your own PKI system with which you could easily create a new certificate rather than rely on an external vendor for new certificate creation. Although some provide the facility to create a new certificate online. To have anything expire on any day other than Mon-Thu, preferably round 12pm localtime is really really bad management.
Naughty LinkedIn!
technorati tags: business, risk, calendar, linkedin, networking, security, pki, certificate
