Adversarial ML in Wireless?

So far we have seen so many machine learning (ML) papers in computer vision, from object detections to activity recognitions. There have been tons of papers doing the good, and the same that many are doing the bad thing, namely adversarial ML. Many papers are now following the trend to attack existing well-trained ML models. One example is by wearing a glass with special colors designed, the guy can be recognized as someone else, by machines (shown as the figure below). You can find many many papers on this topic. Continue reading Adversarial ML in Wireless?

Switch From StartSSL/StartCom To Let's Encrypt (Enable HTTPS For Websites)

Last year I was suggesting to use StartSSL/StartCom to get free SSL certificates and easily enable HTTPS for websites. Apparently now Chrome and Firefox have distrusted their certificates and considered my site as a "malicious" site after then. I went online and looked for alternatives and Let's Encrypt is a really great service (free & more freedom). Here I log the process how did I switch to certificates with Let's Encrypt.

In this log/tutorial, I assume websites have already enabled SSL (e.g., using conf.d in httpd as demonstrated in this earlier post) and are using Apache version less than 2.4.8. Also, I'm using Debian 7. Otherwise, try to follow instruction here. Continue reading Switch From StartSSL/StartCom To Let's Encrypt (Enable HTTPS For Websites)

SSL Issue Resolved

Finally get some time to fix the certificate issue. Long story short, I was using StartCom's StartSSL Class 1 as my root certificate authority. It is free and easy to use (until recently). Chrome had decided not to trust this company due to some issues a while ago but I never paid attention to it. And recently the update of Chrome browser had decided to not trust my website due to this and said


Your connection is not private

Blah blah blah. In short, that treated my site as a potential malicious site.

But my stuff are all legit and do no harm to anyone.

So I now switched to Certbot. I will write some details about switching to Certbot shortly.

VPS Setup Record - SSH Security

The VPS info I have is listed in VPS Setup Record - Basics, and I have talked about how to install LAMP at VPS Setup Record - LAMP. This is a follow-up post that targets at making our VPS more secure. Remember, to use vim to edit files, you need to press i to start inserting. When you finish, type on your keyboard :wq to save and exit.

Using Strong Password

The first thing is to make the password stronger and harder to be hacked. A good password should include at least one capital letter, one number, and one symbol. It should be of length > 8, and it should NOT contain any commonly used password like what has been listed here.

Use a password manager if you are afraid of forgetting the passwords. Get a trustable password manager as listed here. Continue reading VPS Setup Record - SSH Security

Brief Review about Protocol Security

There are many application-level protocols in networks. There are File Transfer Protocols like ftp, scp, and sftp. There are Mail Protocols like smtp, pop, and imap. There are Web Protocols like http 1.0, 1.1, and 2.0. And there are many more. But they are not that secure. Continue reading Brief Review about Protocol Security