Stories by Glenn Fleishman

How to keep your email private with PGP encryption on your Mac

In our last episode of Private I, I explained the basics of public-key (PK) cryptography, a way to scramble messages in a way that only someone possessing a particular key can decrypt, without that key ever having to be publicly disclosed or shared. It's an effective system that has no known theoretical exploits, and currently deployed implementations are considered robust.

Glenn Fleishman | 02 Mar | Read more

When it comes to security, who can you trust?

In previous columns, I've explained the chain of trust and the weak links in various methods of security. But reader Duane asked a few days ago, regarding my column on using VPNs to protect coffeeshop and other last-mile vulnerable connections, "How do you know the VPN operator isn't stealing your info?"

Glenn Fleishman | 23 Jan | Read more

Latest iCloud crack can't beat a good password

You've likely read about iDict, a very publicly released cracking tool designed to compromise iCloud accounts using brute-force techniques--techniques that try a series of passwords in quick succession in the hope of finding the correct one. According to reports, the vulnerability was patched by Apple within a few days. (Apple has declined to comment, however.)

Glenn Fleishman | 09 Jan | Read more

How to help your family stay more secure online

Many of us travel during the holidays to visit family, have them visit us, or at least touch base with those we haven't talked to in a while. One of the kindest gifts you can give beyond your own company and a new blender is to help relatives sort out online password and security problems that they may not even know they have.

Glenn Fleishman | 30 Dec | Read more

Family Sharing is convenient, but comes with its own risks

No Mac is an island, and every iPad is part of the main. But Apple has, for many years, had trouble with letting a group of allied people--let's call them a "family"--make best used of shared devices and shared digital purchases. Family Sharing is the latest attempt by Apple to facilitate families' sharing (if not caring).

Glenn Fleishman | 19 Dec | Read more

YubiKeys by Yubico provide two-factor authentication by USB

I've written a few times about two-factor authentication (2FA), where a password (something you know) is paired with a second item, like a device-generated token or one-time code sent via SMS (something you have). A password can be stolen or sometimes extracted, so a second factor makes it substantially more difficult for someone who lacks physical access to you or your stuff to break into one of your accounts. This restricts attackers from accomplishing wholesale attacks across thousands or millions of accounts, unless 2FA is badly implemented or attackers find an exploit.

Glenn Fleishman | 29 Nov | Read more

Private I: It's time to encrypt everything

If we've learned anything from the last few years, it's that given the opportunity to snoop on or scarf up our data or our metadata, criminals, business, and governments have a lot in common. They may have different ends that drive why they want to look at our email and transactions, listen in to phone calls, track with whom we communicate, and follow our location, but it all involves a lack of consent.

Glenn Fleishman | 21 Nov | Read more