Forgot your password?
typodupeerror
Security

+ - SSL at Risk from Insecure Cookies->

Submitted by darthcamaro
darthcamaro (735685) writes "If you've got an SSL secured site but you haven't bothered to set the SECURE flag on your web application server cookies, your SSL isn't worth anything. According to security research firm Qualys, 94 percent of the top 300,00 SSL secured sites aren't using secure cookies. And people wonder why there are so many site breaches..."
Link to Original Source

Comment: Re:Commercial databases (Score 1) 509

by GP1911 (#36705230) Attached to: Facebook Trapped In MySQL a 'Fate Worse Than Death'

Google also uses MySQL for a lot of things. See http://www.mysql.com/customers/view/?id=555

"Google runs critical business systems with MySQL and InnoDB. The systems require 24x7 operation with minimal downtime. The systems support large OLTP and reporting workloads. We are very happy with the scalability, reliability and manageability of this software."

Google and Facebook have worked on many patches and tools for MySQL, and along with work from Percona, MySQL has come a long way as an extremely fast and scalable server in the last few years.

Microsoft

+ - Microsoft, Juniper won't fix dangerous IPv6 hole->

Submitted by
Julie188
Julie188 writes "Security experts are urging Microsoft and Juniper to patch a year-old IPv6 vulnerability so dangerous it can freeze any Windows machine on a LAN in a matter of minutes. The hole is in a technology known as router advertisements, where routers broadcast their IPv6 addresses to help clients find and connect to an IPv6 subnet. Microsoft has downplayed the risk, and refuses to even post a Security Advisory about it, because it says the hole requires a physical connection to the wired LAN. (Experts point out that Microsoft routinely patches less dangerous holes that also require a connection to the LAN.) Juniper says it has delayed a patch because the hole only affects a small number of its products and it wants the IETF to fix the protocol instead. BTW, Linux and Cisco have long ago issued patches. In the past couple of weeks, public disclosure and video demonstrations of how to exploit the vulnerability on Windows have become more available by security professionals trying to get Microsoft to take action."
Link to Original Source

+ - NSA Decodes Extraterrestrial Radio Transmissions->

Submitted by Anonymous Coward
An anonymous reader writes "Fascinating NSA document revealing a cryptographer's efforts to decode extraterrestrial radio transmissions. Makes perfect sense to me that it would be mathematic equations and a periodic "table" — these are universal constants independent of culture and languages."
Link to Original Source

Never underestimate the bandwidth of a station wagon full of tapes. -- Dr. Warren Jackson, Director, UTCS

Working...