Would You Entrust Your Data to These Yokels?

Thursday, December 31st, 2009

You have asked Firefox to connect<br />
securely to www.delldatasafe.com, but we can't confirm that your connection is secure.</p>
<p>Normally, when you try to connect securely,<br />
sites will present trusted identification to prove that you are<br />
going to the right place. However, this site's identity can't be verified.</p>
<p>What Should I Do?</p>
<p>If you usually connect to<br />
this site without problems, this error could mean that someone is<br />
trying to impersonate the site, and you shouldn't continue.</p>
<p>             www.delldatasafe.com uses an invalid security certificate.</p>
<p>The certificate is not trusted because the issuer certificate is unknown.</p>
<p>(Error code: sec_error_unknown_issuer)

If Dell can’t even manage their public key certificates, how can I trust them to keep my data safe and secure?
(more…)

Verifying SSH Host Fingerprints

Tuesday, January 10th, 2006

If you use ssh you’re familiar with this message:

~$ ssh rich.elharo.com
The authenticity of host 'rich.elharo.com (192.168.254.36)' can't be established.
RSA key fingerprint is 5a:65:0f:5f:21:bb:fd:6a:5a:68:cd:62:58:5d:fb:9f.
Are you sure you want to continue connecting (yes/no)?

If you’re like me, you regularly just type yes and continue without much thought:

Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘rich.elharo.com,192.168.254.36′ (RSA) to the list of known hosts.

But is that really safe? (more…)