What started as an environment of function and usability on Unix systems has devolved in another security exploit mess. US -CERT has the report for both potential exploits now (one was patched) all tools are there for hackers to exploit specific websites running Linux or Unix. That means that there are many websites that … Read more
Wired story of “Project Zero” Although initially the story is a nice feel good story of hiring George Holtz after he hacks the AT&T iPhone lock and reverse engineering the Playstation 3. This is a small window into the life of a hacker – where one can figure out the software security cracks and … Read more
Use LastPass check which allows the user to test a website to know whether it has updated the openssl technology. Some site do not have this type, and may not matter, and others may have openssl and have patched. But yet others may not be aware of this vulnerability… and if that is the case … Read more
Many vendors have put out statements for OpenSSL vulnerability (CVE-2014-0160): This is a vulnerability in the encryption technology (OpenSSL) on websites and other systems. If you cannot safely access websites with encryption technologies it is a bad day on the Internet isc has a full list – list is increasing: But most interesting (to me) … Read more
