DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog

 

A “new” and important vulnerability has been discovered that affects HTTPS and other services that rely on SSL/TLS implementations. This flaw is in the SSLv2 protocol, and affects all implementations. Researchers refer to this attack as DROWN – short for “Decrypting RSA using Obsolete and Weakened eNcryption”. This attack allows attackers to read or steal information sent via the “secure” connection. No attacks in the wild are currently known.

Source: DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog

Ten Laws of Security

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it’s not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn’t practically achievable, online or offline.
Law #10: Technology is not a panacea.

Continue reading “Ten Laws of Security”

New police crowd control system with sound.

As technology advances and our society evolves, so does everything that comes with: social protest, human rights, privacy, justice, law enforcement, education, etc.

The Police Department of New York recently used an LRAD (Long Range Acoustic Device). It is a portable sound speaker designed to scare people away with sound. But there is more to it than scaring people away and dispersing a crowd. Even if you would be able to withstand the ‘fear’ that would overcome, and decide to remain in place, you would be overwhelmed by agony, confusion and pain. It was deployed for the first time during the Ferguson riots, and it seems to become a wanted item for Police departments.

 

The LRAD device is developed by LRAD Corporation, formerly known as the American Technology Corporation.

 

Source: The New Sound of Crowd Control