HTTPS Changes in Firefox and Chrome

For as far back as I can remember, browsers have always denoted HTTPS pages with a padlock icon, a tiny warning to let you know that anything you submit on the specific page will be securely encrypted. As with all never-changing warnings though, I imagine you’ve stopped noticing it as much as you used to […]

Basic Privacy Tools

A few years ago, I wrote about security, privacy, and resetting the net. We’re still in very interesting times as far as that subject goes, and if you haven’t taken steps to protect your privacy, now might be a good time to reconsider that. One of the easiest changes you can make is to use […]

WordPress Security and Auto-Updates

WordPress 4.3.1 was released six days ago and included three security fixes. If you haven’t done anything silly to disable auto-updates, you would have been automatically updated within an hour of the announcement (and in some cases even before the announcement). If you have disabled auto-updates, your site was publicly at risk until you manually […]

WordPress 4.2.4 Released

WordPress 4.2.4 has been released. This is a critical security release, addressing 6 security vulnerabilities, as well as 4 bugs (including a few you may have run into during the last security fix). A huge thanks to the folks who kept us all safe by responsibly disclosing the security vulnerabilities. If you have not done […]

Security, Privacy, and Resetting the Net

Accusations of online surveillance by government entities are rampant. By now, you have all seen or heard of at least one clandestine government program, like PRISM,┬ádesigned to spy on citizens by circumventing what was once considered to be fundamental security. The validity of these accusations and programs are in question, as would be expected. Is […]

Disclosing a Security Vulnerability

Some of you are coming here from a site where this blog was apparently featured as an example of how to exploit a security vulnerability. I won’t link to it, because what that individual did was irresponsible, but it gives me the opportunity to hopefully educate some people. There are many ways to disclose a […]

Two Step Authentication on WordPress.com

If you have a WordPress.com blog, now is the perfect time to make your account more secure with our new two step authentication! Two step authentication (also referred to as two-factor authentication) requires you to enter a one-time secret code from your mobile device whenever you log in, after entering your password of course, which […]