Securing MySQL

Wednesday, August 11th, 2010

Code Sherpas have a good article on how to secure MySQL; it’s a quick reminder-type reference to have on hand the next time you do a MySQL install.

Secure Flash Drives

Sunday, May 2nd, 2010

Digital Media Minute did a post a while ago on how to reformat a thumb drive; check the video on how to secure flash drives with USB Safeguard, freeware that will turn regular, unassuming, insecure flash drives into powerhouse encrypted flash drives (Windows only at this time). Note the virtual keyboard that you can use if you are using an unfamiliar computer, as well as the ability to retrieve the thumb drive if it is lost by leaving an e-mail or phone number where a finder could contact you.
(via Lifehacker)

An Easy To Remember Password That’s Insanely Secure

Wednesday, April 14th, 2010

Here’s a way to easily remember your password or passwords while adding a twist that’s totally low-tech but nearly un-hackable. (via Lifehacker)

Tie Me Internet Down, Sport

Friday, April 9th, 2010

So in the service of Australians, or something, the Aussie government decided that folks would just be better off not going certain places on the internet, and made a big ol’ list of sites which are concerned with thought crimes like stem cell research and vacation kennels for animal care (no kidding). You know, Pandora’s box stuff…

Exit International, an organization that provides material on euthanasia to its members, is on that site too and not happy about it. Suspecting that many of its elderly members might be unable to find a workaround, E.I. contacted David Campbell of the Pirate Party of Australia, who taught them enough about web-based proxies and VPN tunnels, with emphasis on the former, to make these seniors dangerous.

At least in the eyes of the Australian government.

Digital Document Management

Thursday, January 14th, 2010

Over the years and quite a few moves on two different continents, my documents have become a barely-managed trail of valuable information that has become less and less secure over time because of my lifestyle. I decided that it was time to look into some method of digital document management, and I’d imagine I’m not alone. It’s not like I needed an enterprise solution or some sort of digital document management software, but my records are obviously critical to me, and their potential loss would represent an enormous amount of time that I would have to take to replace them where I could, and obviously many physical documents and records can never be replaced if they have not been backed up digitally. A friend’s story of losing his notebooks containing all of his accounts of his experiences in the Vietnam War (in a warehouse fire, as clichéd as that is!) pushed me to finally take the bull by the horns.

A digital document management solution was what I needed, a personal digital archive, and in addition to security I really required that it be easy to add to as time went on. I rejected the idea of a purely online document management method as anything more than an extra backup; it may sound simplistic but a physical solution that included encryption attracted me most. All that it really came down to for me was committing the time to do the document imaging; again, I just needed a personal solution, as opposed to a way to store corporate documents. Still, I had quite a bit of work to do: digitizing hard copies of titles to property that had no digital backup was just the beginning.

I don’t want this to turn into a plug for a specific method of digital document management, but in the end the solution that I settled on was a secure flash drive that in addition to encrypting and storing my digital information also protects my passwords and lets me surf anonymously when I’m not using one of my computers. 1 GB of storage was less than US$100, and it was a small price to pay.

Secure Cookies

Monday, August 24th, 2009

Here’s a brief article from Carsonified about the different parts of a cookie and their implications for security. It’s introductory, a good overview on how cookies work, cookie options and configuration, etc.

PHP Security Checker

Saturday, June 20th, 2009

We did a post on ten security checks for PHP, and pointed to a PHP security guide as well. On a more recent, related note, you might want to take a look at Rkrishardy.com regarding researchers from MIT, Stanford and Syracuse having developed “Ardilla”, which analyzes PHP code for XSS (Cross-Site Scripting) and SQL injection attack vulnerabilities.
Derived from a modified version of the Zend Interpreter, from work done at IBM, Ardilla can’t be released as open source because of licensing issues.

How Secure are Your Passwords?

Wednesday, April 11th, 2007

John Pozadzides tells you How He’d Hack Your Weak Passwords. It’s neat to see how somebody might attempt to crack your passwords. And while you are learning some password cracking techniques, keep in mind how you might create better, less crackable passwords in the future.

Security Testing your Apache Configuration with Nikto

Tuesday, August 15th, 2006

If you’re running an Apache web server, you should most definitely give this short how-to a try. Security Testing your Apache Configuration with Nikto is super simple to follow and you might find the results surprising (like I did).

Configuring OpenSSH for Public Key Authentication

Tuesday, December 6th, 2005

This is the best guide I have found for configuring OpenSSH on Windows for Public Key Authentication. PK authentication makes it possible to ssh to a remote system without the need for a password (which can be dangerous) during tasks that you would like to automate, like backups or synchronization of two systems.