I really must hand it to Microsoft. For all of the bad publicity and general ill will that a lot of people harbor toward them, they still want to help the little guy out - even when that little guy is running Linux.
(Just for clarification, this does not involve the real Microsoft.)
A few minutes ago I received a call to my cell phone from a rather nice, if somewhat hard to understand, gentleman who informed me that Microsoft had received highly unusual traffic from my computer.
"How did they get my number," I thought to myself. "Must be some lucrative agreement with the NSA."
Directing my attention back to the kind soul on the other end of the line, no doubt a descendant of those long oppressed by the British Empire in their search for the perfect curry blend, I asked for more information. He went on to say that the insidious network traffic was being sent as we spoke.
Tuesday, October 21, 2014
Monday, October 20, 2014
Who let the dogs out?
Here we go again - yet another "major" security vulnerability. This time it is SSL 3.0 (why is anyone even using this anymore?) that has fallen victim. Read more about the POODLE exploit at US-CERT.
Edit: The plot thickens! This might be a good thing...
After reading a bit more on the subject, I realized that there might be a silver lining to this dark dog-shaped cloud after all. All modern browsers support TLS and only fall back to SSL as a failsafe, so disabling SSL should not present an issue. Notice that I said modern. How many web developers out there consider IE6 and its nearly fossilized users to be thorn in their side? Yes, there are some entities that insist on maintaining compatibility with this dinosaur of a browser. Guess what IE6 does not support? You guessed it... TLS! What better reason to justify discontinuing support for IE6?
Edit: The plot thickens! This might be a good thing...
After reading a bit more on the subject, I realized that there might be a silver lining to this dark dog-shaped cloud after all. All modern browsers support TLS and only fall back to SSL as a failsafe, so disabling SSL should not present an issue. Notice that I said modern. How many web developers out there consider IE6 and its nearly fossilized users to be thorn in their side? Yes, there are some entities that insist on maintaining compatibility with this dinosaur of a browser. Guess what IE6 does not support? You guessed it... TLS! What better reason to justify discontinuing support for IE6?
 |
| sed 's/WINDOWS XP/INTERNET EXPLORER 6/' |
Wednesday, October 1, 2014
Are you patched?
I'm sure by now you've heard of the Bash vulnerability Shellshock. Not going to beat a dead horse, but if you haven't patched yet, stop reading this and do it now! After you're done, check out shellshocker.net and see if you're still vulnerable.
Friday, August 15, 2014
The future of IT
Ran across this amazing video the other day where the self-described "NextGenHacker101" graciously shares his expertise in network forensic techniques:
Poor kid should stick to a Mac.
Poor kid should stick to a Mac.
Subscribe to:
Posts (Atom)