Monthly Archives: April 2012

Browsers and how they show Trust and Encyption

Posted by on April 29, 2012 2 comments

Firefox is moving ahead with a new way to convey the security level of websites…See the differences for yourself.  Also including Chrome and Opera for comparison.

Key: HTTP is the plain old web, no guarantee of well anything really security wise
HTTPS your communication is encrypted to a specific website
HTTPS with EV or Extended Validation ensures your communication is encrypted to a specific website AND that company X (at so and so address, and incorporated in Y) owns said website.

Firefox 12 (current)  HTTP
HTTPS
HTTPS with EV
Firefox 14  (new) HTTP
HTTPS
HTTPS with EV
Opera HTTP
HTTPS
HTTPS with EV
Chrome HTTP
HTTPS
HTTPS with EV

Additional Notes:
Opera doesn’t warn on Mixed HTTP/HTTPS Content, instead it just displays it as “Web” (no security markers) which certainly puts security first.
Opera – when you click the url bar, the full URL get’s displayed including http:// or https://, otherwise they are usually hidden except for trusted sites for some reason.   That actually makes me like hiding http/https by default.

Which do you think of the above is the worst?   The best?  Why?

For me, Opera would win if they didn’t have the lock symbol.  Saying outright “Secure” or “Trusted” I think works quite well. Otherwise I still really like Firefox 12.  It is quite easy to teach to people (I teach a Firefox course every other month or so), and works quite well at a glance.

The other goal of the Firefox 14 change was to “reduce some visual weight”.  Which I read as make what kind of page (secure/etc) stand out less.  In fact, out of the above Firefox 14 is my last choice.

The Lock Symbol

It provides a false sense of security. If you tell people that a lock symbol means they are secure they are more likely to trust locks that are on the page or part of the favicon. Regardless if it’s not displayed in the URL bar, it would still be on the tab.  It’s not a big leap for a user to mistake one for the other.

The lock symbol does exist in Firefox 12, it will show up if you click on the Green or Blue bar. This keeps it from being something the user expects to see on the page though.

Links

You can read more about the reasoning behind the Firefox 14 change here: https://msujaws.wordpress.com/2012/04/23/an-update-to-site-identity-in-desktop-firefox/

Discussion about the return of the lock:https://groups.google.com/forum/#!topic/mozilla.dev.apps.firefox/ODX1PJutsLM/discussion

IPv6 Comments..

Posted by on April 19, 2012 4 comments

I just noticed that I had my first comment by someone using IPv6 (they used a cell phone network).  I expect IPv6 adoption to jump after worldipv6launch.org. I’m hopeful that comcast will get me on IPv6 by then…

Some great testing sites and IPv4/v6 countdowns after the break.
Read more »

Boot a USB Drive from GRUB.. or what to do when your computer can’t boot from USB

Posted by on April 18, 2012 2 comments

I’ve ran into this situation before.. Had Linux installed on a machine and needed to reinstall/or install another distro. Fine, should be easy right? Load said distro on a USB stick and away we go. Unfortunately some (mostly older) machines can’t boot from a USB stick. This annoys me (especially cause I really don’t use writable CDs/DVDs at all anymore). It turns out if you already have GRUB1 installed on the machine, you can use that to boot the USB stick and even overwrite what’s on the hard drive. This of course doesn’t help you if you have no-OS or another OS -> maybe look at PXE booting.   I’m still haven’t gotten this to work with GRUB2 unfortunately, they’ve complicated things a little.  Still it’s useful for old machines.

  1. Figure out the kernel command line that your distro of choice uses (that you want to install/boot). I was using Linux Mint Debian created by Unetbootin.
    They (like many distros) store this in syslinux.cfg, look for the default label, and then note the items in bold.
    label unetbootindefault
    menu label Default
    kernel /ubnkern
    append initrd=/ubninit boot=live config live-media-path=/casper quiet splash –
  2. Boot target machine with USB stick inserted.  When GRUB appears Press Escape then C to get to the GRUB command line.
  3. If you only have two drives in the machine the internal one will be (hd0,0) and the external one should be (hd1,0), or similar.
    I typed the following, change with your version of the bolded information above, pressing enter after every command.
    root (hd1,0)
    kernel /ubnkern
    initrd /ubninit boot=live config live-media-path=/casper quiet splash
  4. Ready to go?  Type boot and hit enter.

Tab auto-complete works great with GRUB..  You can do root (hd to get possible target drives, root (hd0, to get possible target partitions and filesystem types, and finally list possible kernel or initrd targets.