Notices tagged with security
-
theru (theru)'s status on Tuesday, 19-Sep-2017 14:51:55 UTC 
theru
check your droplet #security http://www.securityweek.com/digitalocean-warns-vulnerability-affecting-cloud-users -
dcapeletti (dcapeletti)'s status on Friday, 15-Sep-2017 10:08:42 UTC 
dcapeletti
#KDE Joins #Purism in an Attempt to Build World’s First Privacy-Focused #Smartphone
https://quitter.es/url/1170368
Purism’s #crowdfunding campaign : https://puri.sm/shop/librem-5/
#GNU #Linux #Purism #PureOS #Librem5 #smartphone #security #privacy #KDE #Plasma #PlasmaMobile -
ԜаӀtеr Ⅼарсһуnѕkі (wxl)'s status on Tuesday, 12-Sep-2017 22:23:20 UTC 
ԜаӀtеr Ⅼарсһуnѕkі
so Mozilla is still working on the plans to eliminate poorly managed Symantec-issued certificates from Firefox, but perusing the mozilla.dev.security.policy list it sounds like they're more or less going to stick with Google's plan.
There is one interesting bugaboo: DigiCert recently acquired Symantec's assets. So now dealing with this is kind of on them:
https://www.digicert.com/blog/digicert-to-acquire-symantec-website-security-business/ -
ԜаӀtеr Ⅼарсһуnѕkі (wxl)'s status on Tuesday, 12-Sep-2017 00:21:46 UTC
ԜаӀtеr Ⅼарсһуnѕkі
SSL-using sysadmins note that Chrome will remove trust in Symantec-issued certificates issued before 1 June 2016, including Thwate, VeriSign, Equifax, GeoTrust, RapidSSL. Mozilla just updated their Root Store Policy, but it's not clear that they're doing the same, even though it was their mailing list that identified the problem. They're using a DigiCert certificate (like $work) so at least THEY don't have to worry. Ironically, the Google Security Blog is using a Symantec certificate, albeit a pretty fresh one.
https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
P.S. Let's Encrypt is all good.
-
Tor Project (torproject)'s status on Friday, 08-Sep-2017 05:54:03 UTC 
Tor Project
We are upgrading our blog! #torproject #tor #security https://blog.torproject.org/we-are-upgrading-our-blog -
Tor Project (torproject)'s status on Tuesday, 05-Sep-2017 15:26:32 UTC
Tor Project
Tor 0.3.1.6-rc is released! #torproject #tor #security https://blog.torproject.org/blog/tor-0316-rc-released -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Saturday, 26-Aug-2017 11:03:08 UTC 
Dr. Roy Schestowitz (罗伊) ✅
#OpenJDK may tackle #Java #security gaps with secretive group
https://www.infoworld.com/article/3219831/java/openjdk-may-tackle-java-security-gaps-with-secretive-group.html#tk.rss_security
the #microsoft way? -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Saturday, 26-Aug-2017 10:55:28 UTC
Dr. Roy Schestowitz (罗伊) ✅
When developers wrongly assume that #security skills are separate from #programming skills https://arstechnica.com/information-technology/2017/08/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse/
-
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Friday, 25-Aug-2017 03:09:41 UTC
Dr. Roy Schestowitz (罗伊) ✅
Well, phones at the lower level were never designed for real #security https://arstechnica.com/information-technology/2017/08/wanted-weaponized-exploits-that-hack-phones-will-pay-top-dollar/
-
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Thursday, 24-Aug-2017 19:52:53 UTC
Dr. Roy Schestowitz (罗伊) ✅
Begging for #security disasters
https://www.coindesk.com/manufacturing-giant-midea-wants-to-put-bitcoin-miners-in-household-appliances/
#bitcoin on 'smart' things -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Thursday, 24-Aug-2017 09:09:01 UTC
Dr. Roy Schestowitz (罗伊) ✅
#Telstra chooses #freesw for #security
https://www.computerworld.com.au/article/626423/telstra-launches-open-source-powered-security-operations-centre/?
http://www.zdnet.com/article/telstra-launches-sydney-cybersecurity-centre/ -
Mike Gerwitz (mikegerwitz)'s status on Thursday, 24-Aug-2017 05:34:41 UTC 
Mike Gerwitz
Some prices on exploits from Zerodium:
https://social.mikegerwitz.com/url/27677
Brokering exploits is extremely harmful and dangerous, because it makes everyone less safe. We've seen it backfire for government entities and private entities alike (e.g. WannaCry/Petya spawned from NSA exploits leaked by Shadow Brokers).
The article mentions NSO Group targeting human rights activist Ahmed Mansoor, which I had strong words for back then:
https://social.mikegerwitz.com/url/7447
#security -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Thursday, 24-Aug-2017 02:12:40 UTC
Dr. Roy Schestowitz (罗伊) ✅
#Crunchy Data Unveils Open Source #Security Compliance Automation Platform
http://blog.executivebiz.com/2017/08/crunchy-data-unveils-open-source-security-compliance-automation-platform/
"Upon NGA’s request" -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Thursday, 24-Aug-2017 02:05:46 UTC
Dr. Roy Schestowitz (罗伊) ✅
#Xen Hypervisor Patched for Privilege Escalation and Information Leak Flaws
https://thenewstack.io/privilege-escalation-information-leak-flaws-patched-xen-hypervisor/
#security #freesw -
🇵🇭📷 YUKI 🕹🍓 (yahananxie)'s status on Thursday, 24-Aug-2017 01:17:10 UTC 
🇵🇭📷 YUKI 🕹🍓
When will these stop? " #Google Play Store #Security Scans Tricked by In-Dev #Malware " http://qttr.at/1xco -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Wednesday, 23-Aug-2017 16:03:42 UTC
Dr. Roy Schestowitz (罗伊) ✅
Open source #security software on GovCloud
https://smartcitiesworld.net/news/open-source-security-software-on-govcloud-2032
#freesw -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Wednesday, 23-Aug-2017 14:42:44 UTC
Dr. Roy Schestowitz (罗伊) ✅
#security is something you have (e.g. no back doors from Microsoft/NSA), not something to buy
http://sobersecurity.blogspot.com/2017/08/spend-until-youre-secure.html -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Wednesday, 23-Aug-2017 07:37:40 UTC
Dr. Roy Schestowitz (罗伊) ✅
Dumping Data from Deep-Insert Skimmers https://krebsonsecurity.com/2017/08/dumping-data-from-deep-insert-skimmers/ #security
-
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Tuesday, 22-Aug-2017 06:31:19 UTC
Dr. Roy Schestowitz (罗伊) ✅
#Landlock Aims To Yield Powerful #Security Sandboxes For #Linux
http://www.phoronix.com/scan.php?page=news_item&px=Landlock-LSM-v7-Linux
Landlock Linux Security Module (LSM) -
Dr. Roy Schestowitz (罗伊) ✅ (schestowitz)'s status on Tuesday, 22-Aug-2017 05:48:05 UTC
Dr. Roy Schestowitz (罗伊) ✅
#pfSense 2.4.0-RC just released https://www.pfsense.org/ I've used it before, nice GUI and back end. #security #unix #bsd
All Federati Nu: Federated N-series GNU Social content and data are available under the