Since the publication of the attack against RapidSSL’s certificate issuing process, numerous stories have been published about how many SSL certificates are suddenly “unsafe”. The best (or worst) example I’ve seen so far is this one at TG Daily. It starts with the following statement:
Microsoft has just shown the world what the consequences of a relatively small programming mistake can be. In this case, it’s a classic “off-by-one” error in the clock driver of the Zune mediaplayer: year = ORIGINYEAR; /* = 1980 */ while (days > 365) { if (IsLeapYear(year)) { if (days > 366) { days -= […]
A presentation at 25C3 today detailed how researchers were able to create their own Certificate Authority that is recognized by all current webbrowsers, allowing them to create valid certificates for any website they like. While it’s presented as an example of why using MD5 hashes is considered harmful, it also serves as a perfect example […]
Graham Cluley warns people about a new wave of phishing attempts being sent via Google Calendar. These are legitimate mails, receiving via Google Calendar, from Google’s mailservers, looking just like a real invitation for a meeting or party. In fact, it is just that. A phisher creates a fake Gmail account, sets up a meeting […]
This is a bad week for browser security; not only is Microsoft rushing out an emergency patch tonight, other browser makers are releasing their own updates as well as people worldwide go online to do their Christmas shopping. Opera released version 9.63 of their browser yesterday, fixing several security issues. The most critical ones allow […]
Microsoft has just announced that a fix for the critical bug in Internet Explorer 5, 6 and 7 is to be published tomorrow. As usual, there will be webcasts detailing the fixes: Microsoft is hosting two webcasts to address customer questions on these bulletins: on December 17, 2008, at 1:00 PM Pacific Time (US & […]
And it’s not because Twitter is buying tons of Dell gear; Dell is using Twitter for advertising, and people are willingly signing up to receive these messages. Quoting InternetNews: Less altruistically, some businesses have discovered that Twitter is an effective way of communicating with consumers. Dell (NASDAQ: DELL) says Twitter has produced $1 million in […]
That might sound like a stupid thing to ask. If your account is emptied, you surely did something wrong. You were careless with your password, didn’t update your virus scanner, clicked some links in a spam message that happened to install malware, et cetera. Right? So what happens when that’s not what happend? What if […]
Your first answer might be “nothing at all”, but that is not entirely true. Both Amazon and wikipedia.org host an image of the album cover of the Virgin Killer album by The Scorpions. The image has been on Amazon.com for at least 10 months and on wikipedia.org since april 2007, but somehow it’s become big news […]
Europeana, the pan-European digital library that went down shortly after their launch, has provided some additional details about why the site was taken offline. There are some interesting numbers in the documents that were published. Let’s start with the facts that were already published: The site received an unexpected amount of visitors after the launch […]
