Archive for February, 2012

7-Zip File Compression Utility

  7-Zip is a freeware file compression tool. If you think Winzip or other paid file compression tools are expensive 7-Zip is a great alternative.

With 7-Zip You can compress and extract: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM compressed files and extract: ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT, HFS, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, RAR, RPM, SquashFS, UDF, VHD, WIM, XAR and Z. That covers about all the major file compression types. 7-Zip also allows you to create password protected zip files using AES-256 encryption (but also remember the length and complexity of the password you use is also important to ensure protection of encrypted data).

Although the user interface of 7-Zip is not very polished don’t underestimate the 7z file compression efficiency, 7-Zip compresses to 7z format 30-70% better than to zip format.

You can download 7-Zip from – http://7-zip.org

We will talk about other great free software in the future. Using the free tools we talk about in this blog you can enjoy the features of paid software without having to spend money. Please say no to software piracy; always look for a free alternative if paid software is too expensive.

 

SSL and Trust

         In a previous post we discussed how SSL was developed & how SSL and certificate authorities (CA) help to protect information that is transferred over the internet. But recently there had been a lot of talk about the trustworthiness of certificate authorities. This discussion was sparked by the discovery of a certificate authority being compromised by hackers. Using this CA hackers manage to issue fake certificates for Google, Yahoo!, Mozilla, WordPress and others. Not long after, another widely used CA was hacked, at present at least four CAs are suspected to have been compromised.
The problem is any trusted root CA or a sub CA can issue a certificate for any w

ebsite on the internet. If the certificate is requested through standard certificate request process the CA would generally validate the ownership of the site, but if a hacker manages get control of the CA they can issue certificates for any site they wish. Root certificates of all trusted CAs are stored on popular web browsers like IE, Firefox and Chrome. Because of this any certificate, even a fake one, issued by a trusted root CAs is displayed as a trust SSL encrypted website.
Several alternatives have been suggested recently like DNSSEC and certificate pinning but for the foreseeable future certificates authorities will continue to be the primary method of site identity verification. Although there had been security breaches, SSL & certificate authorities continue to protect millions of transaction every day.