FTP vs SFTP vs FTPS vs SCP/SSH

March 12, 2016

FTP is the historically standard protocol for copying files from one computer to another over a network connection (TCP/IP, so any host on today's Internet, but it wasn't always the case). Many people including many developers learned how to use an FTP client on Windows in order to connect to a server and upload and download files.

Stop using FTP!

FTP is not secure for the same reason that HTTP is not secure and why there's a movement (Let's Encrypt) to move every website to use TLS, i.e. HTTPS instead of HTTP. The reason HTTP and FTP are not safe is that they are not...

Read more about FTP vs SFTP vs FTPS vs SCP/SSH

What is a pseudo-random number generator (PRNG) and why do they matter?

crypto random prng security

January 11, 2016

Recently, a problem was discovered in the pseudo-random number generator which Google Chrome and Node.js's V8 JavaScript engine uses and depends on. The problem was that a pattern was discovered in the series of numbers which the RNG algorithm produced, meaning you could guess the "random" outcome at a probability higher than chance, giving you an advantage - whether the application is breaking encryption or passwords or beating games of chance.

Edward Snowden, who had worked for the CIA, warned of problems or backdoors in hardware random number generators which many computers...

Read more about What is a pseudo-random number generator (PRNG) and why do they matter?