Sunday, February 23, 2014

Mac 10.9 SSL Vulnerability

After upgrading to Mavericks a while back, I've suffered much grief. It's full of frustrating little bugs that add up to a really insufferable user experience. Today I was searching for fixes for some of the more persistent issues, and I came across something a lot scarier than scrolling and graphics issues. Apparently there is a security vulnerability with SSL in Mavericks that could allow hackers to intercept private data (that ought to be encrypted via SSL). Scary business. Anyway, an OS update is speculated to be just around the corner that will address this issue (and hopefully some of the other annoyances).

Reuters article


********************************
3/2/14 Update

Sunday, February 16, 2014

Target Credit Card Hack Follow-Up

Here's an interesting follow-up to something that was in the news a few weeks ago. I originally posted about it here. Apparently, the criminals were able to gain access through exploits in connections with vendors. There's some really interesting stuff in this article, and it seems clear that these are issues that should be given more concern.


Article Source

Sunday, February 9, 2014

BGP: More Panic-Inducing Data Theft

Regarding Wired's article, "Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet."

What's so crazy about stories like this is that they are so common. The fact that researchers were warning about this very type of vulnerability as far back as 6 years ago (and yet, here we are) is crazy. The article brings up two points that are individually threatening, but combined are pretty terrifying.

1: "The stakes are potentially enormous, since once data is hijacked, the perpetrator can copy and then comb through any unencrypted data freely — reading email and spreadsheets, extracting credit card numbers, and capturing vast amounts of sensitive information."

2: This was largely government and corporate data being hijacked. This means that potential crimes could range from large-scale credit card theft to potential national security risks. That is to say, it all depends on who was doing the re-routing and what their intentions are. Scary stuff.



Source.

Sunday, February 2, 2014

Shields Up!

We did an activity in class that I thought would be worth sharing for anyone who happens to stumble across this blog. Gibson Research Corporation has a webtool that allows you to test all of your TCP ports, and reports which are closed, stealth, or open. It's graphical and really easy to understand. At first I didn't realize, but you can mouse-hover over each individual block (representing a port) and it will give some information about it including the port number and name, and what services are provided. Sounds fun, right?

Click here, then click the 'proceed' button. When the next page loads, click the grey button that reads 'All Service Ports', and let it do its thing. When it finishes, you'll have a very readable report. Make sure to scroll down and read through the rest of the information on the page as well; it's informative and fairly "noob-friendly."
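
The three states in that report can be reproduced for your own machine with a plain TCP connect. This is an added example, not part of the original post or GRC's tool; `probe_port`, `self_check` and `demo` are names made up here, and it assumes open means the connection is accepted, closed means it is refused, and stealth means no reply arrives before the timeout.

```python
import socket

def probe_port(port, host="127.0.0.1", timeout=1.0):
    """Classify one TCP port as open, closed or stealth (assumed meanings)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"      # host answered with a reset: nothing listening
    except socket.timeout:
        return "stealth"     # no answer at all: packets silently dropped
    except OSError:
        return "unknown"     # e.g. network unreachable; not one of the three
    finally:
        sock.close()

def self_check(ports, host="127.0.0.1", timeout=1.0):
    """Probe each port and group the port numbers by state."""
    report = {"open": [], "closed": [], "stealth": [], "unknown": []}
    for port in ports:
        report[probe_port(port, host, timeout)].append(port)
    return report

def demo():
    """Constructed scenario: one listener we start ourselves, one port we free."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0 = let the OS pick a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                     # bound but never listening, now released
    try:
        return open_port, closed_port, self_check([open_port, closed_port])
    finally:
        listener.close()

if __name__ == "__main__":
    open_port, closed_port, report = demo()
    print(f"open={open_port} closed={closed_port} report={report}")
```

A check run from the machine itself only shows which local services are listening; it does not show what a router or firewall lets through, which is why a scan from the outside, as ShieldsUP does, gives the view that matters for exposure.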