Already a member? Log in

Sign up with your...

or

Sign Up with your email address

Add Tags

Duplicate Tags

Rename Tags

Share It With Others!

Save Link

Sign in

Sign Up with your email address

Sign up

By clicking the button, you agree to the Terms & Conditions.

Forgot Password?

Please enter your username below and press the send button.
A password reset link will be sent to you.

If you are unable to access the email address originally associated with your Delicious account, we recommend creating a new account.

ADVERTISEMENT
ADVERTISEMENT

Links 1 through 10 of 404 by Justin Mason tagged security

Share It With Others!

'a transparent TCP and UDP proxy. It can be used to get at those hard to intercept network streams, assess those tricky mobile web applications, or maybe just pull a prank on your friend.'  basically, cause wifi clients to associate with an Ubuntu host, then sniff their packets

Share It With Others!

OCSP doesn't work -- the browser vendors have failed to implement it safely

Share It With Others!

pointing the finger at the Iranian state; various login URLs for GMail, Yahoo! Mail, Hotmail, and something called "global trustee" (wtf)

Share It With Others!

'If I had to make a bet, I'd wager that an attacker was able to issue high value [SSL] certificates, probably by compromising [the USERTRUST SSL certificate authority] in some manner, this was discovered sometime before the revocation date, each certificate was revoked, the vendors notified, the patches were written, and binary builds kicked off - end users are probably still updating and thus many people are vulnerable to the failure that is the CRL and OCSP method for revocation.' It seems addons.mozilla.org was one of the bogus certs acquired. Major ouch. Thanks to EFF/Tor et al for investigating this -- SSL cert revocation is a shambles

Share It With Others!

'I would like to call it "B.E.S.T. Scanner" so people kind of get stuck calling it "the best scanner". We can figure out what BEST means later.' omgwtf. Is this guy 12 years old?

Share It With Others!

the story of Ramnicu Valcea -- Romania's Silicon Valley of phishing

Share It With Others!

'When demonstrating FareBot, many people are surprised to learn that much of the data on their ORCA card is not encrypted or protected. This fact is published by ORCA, but is not commonly known and may be of concern to some people who would rather not broadcast where they’ve been to anyone who can brush against the outside of their wallet. Transit agencies across the board should do a better job explaining to riders how the cards work and what the privacy implications are.' (via Boing Boing)

Share It With Others!

Visa's atrociously-designed "security" program is now being used by criminals to process their credit-card payments, allegedly

Share It With Others!

ie. the same value as the PHP bug. 'Konstantin [Pressier] reported this problem to Oracle three weeks ago, but is still waiting for a reply.' good job, Oracle!

Share It With Others!

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT