I like http://www.2600ie.org/ it has news from a variety of sources in one place and auto updates instead of having the same 5 news articles for a month or more.
yeah, even worse still, imagine only four news articles,, well i suppose one can't count on any free hands to do the work.
There are resources available, some are even free and can be used without much problem
Wrong thread, ignore.
The internet storm centre: http://isc.sans.org/ a bit ott but quite up to date.
www.securityfocus.com good all-rounder.
www.trendmicro.com for virus updates.
and http://searchsecurity.techtarget.com/ a little bit slow on the information, but has interesting articles - if you have a bit of time to read them!
Two links threads merged.
The Twenty Most Critical Internet Security Vulnerabilities
http://www.sans.org/top20 - 10 for windows, 10 for unix
Is your computer sufficiently protected against hackers ?
Rogue/Suspect Anti-Spyware Products & Web Sites
Well, it's been nearly 8 years since a post to this thread sooooooo, hope its ok to add something without wakening the dead (zombie thread etc..).
Something that I came across tonight and thought was interesting.
SSL Test - https://www.ssllabs.com/ssltest/index.html
Theres a name I havent seen in a very long time. Any one know where he is or what he's doing?
Twitter is brilliant for infosec'y stuff.
If you dont want to dive into the deep web, http://www.hackforums.net/ has a lot of resources.
Wonderful One Time Pad tool I have been playing with named 'One Time' - it's included in unstable versions of Debian. Also available from website at :
Note that this program relies on /dev/random to provide lots of entropy. I recommend using it with havegd or my personal fave randomsound to make sure that there's plenty available.
The usual warnings about the ways in which a one time pad can be compromised as well as the difficulties in authenticating a message.
Needless to say it's best to use this program from a "live" DVD and also to sign any messages with a gpg key so that the recepient can verify they came from you. It's probably best to keep your keyfiles on an encrypted USB stick and delete them after each is sent. Note the advice given on the onetime page which is that it's better to have a separate "Alice to Bob" and "Bob to Alice" pad.
That way if you both send each other a message at the same time, you won't be using the same pad data twice, which as I'm sure you all know is a cryptographic cardinal sin.
Of course this method does involve meeting up with someone and securely exchanging the keys. As I stated on another thread this may not be very feasible in most cases but if you want your communications to be NSA proof, I'd say the OTP is your best chance.