Gmail, Security and the vulnerability in SSL/TLS protocol
Back in 2008, Google released a nice feature inside Gmail’s settings where you could opt to enable https throughout your session. That made you feel a little bit safer when browsing your emails using a public WiFi at your local coffee shop. However, the usage of SSL/TLS protocol has one main drawback which is imposing... more »
Wordpress 2.8.5 – The hardening release
Well, well, well… Peter Westwood announced the next version of Wordpress. No, its not the much desired 2.9 version. It’s the 2.85 version aka The Hardening Release, that includes a few fixes (mainly for security) like:
A fix for the Trackback Denial-of-Service attack that is currently being seen.
Removal of areas within the code where php code... more »
OpenBSD 4.6 is here!
We knew it was coming. OpenBSD 4.6 is now available with lots of new features. Except for the several improved hardware support and other improvements, this release includes a few worth-mentioning improvements concerning the pf (Packet Filter), a default system’s software aka one of the most advanced firewall software.
Enabled pf by default in the rc.conf.
Removed... more »
Microsoft Vs Security, one more time
About a year ago (Nov. 18, 2008), Microsoft announced plans for a free anti-malware solution code-named “Morro”. As Microsoft stated, Morro would provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. More specifically:
This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use... more »
WordPress 2.8.4: Security Release
In case you didn’t notice, Wordpress 2.8.4 is out. This security release is supposed to fix a vulnerability that was made public yesterday. It allowed an attacker to bypass a security check to verify a user requested a password reset using a specially crafted URL.
As a result, the first account without a key in the... more »
