According to Bruce Schneier, the “Heartbleed” OpenSSL bug is a catastrophic one.
Attackers can access all of a server’s memory, including user names, passwords, private keys – anything at all.
It’s probably safer not to use Internet banking and other services that rely on SSL to secure HTTP sessions for the time being, until your financial institution’s encryption libraries have been confirmed to be patched.
Fortunately, none of our products use OpenSSL, and so CompleteFTP, […]
CompleteFTP 8.1.0 has recently been released, and includes CompleteBox 1.1, which has some neat new features.
CompleteBox is a file sharing client that integrates with CompleteFTP. The most important of the new features is private storage. As well as sharing files publicly, users can now use CompleteBox to store their own files and retrieve them later – even on a different machine. This means you can store files at one location (e.g. […]
This is amazing and scary – computers often emit high pitched sounds, and these sounds can actually leak security-sensitive details about what your computer is doing.
In particular, RSA decryption keys can be deduced from these sounds within an hour! This can be done via a mobile phone next to the computer.
More details here.
With the release of CompleteFTP 8.0 recently, collaborative file-sharing has been added to CompleteFTP’s many capabilities (in the Professional and Enterprise editions).
CompleteFTP now ships with a file-sharing client called CompleteBox. A user account must be set up on the CompleteFTP server, and the CompleteBox client installed on the user’s local machine. The user enters their credentials, and they can now share their local files by either right-clicking on a file and selecting the “Share […]
From version 7.4.0, CompleteFTP (Professional and Enterprise Editions only) supports local SSH port forwarding (often known as SSH tunneling). This means SSH tunnels can be established between a client machine and CompleteFTP that other protocols can use.
Why would you use SSH port forwarding (also called SSH tunneling)? There are two reasons – firewalls and security.
Consider the scenario where an employee using a laptop outside the corporate network wants to give a demonstration to a […]