Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Encryption

Submission + - SSL Vulns Found in Critical Non-Browser Software (threatpost.com)

Gunkerty Jeb writes: The death knell for SSL is getting louder.

Researchers at the University of Texas at Austin and Stanford University have discovered that poorly designed APIs used in SSL implementations are to blame for vulnerabilities in many critical non-browser software packages.

Serious security vulnerabilities were found in programs such as Amazon’s EC2 Java library, Amazon’s and PayPal’s merchant SDKs, Trillian and AIM instant messaging software, popular integrated shopping cart software packages, Chase mobile banking software, and several Android applications and libraries. SSL connections from these programs and many others are vulnerable to a man in the middle attack.

DRM

Submission + - Amazon remote-wipes user's Kindle with no real explanation (bekkelund.net)

Rudisaurus writes: "Think those e-books on your Kindle are yours? Think again! Amazon has reached out over the web and remote-wiped a user's Kindle. When asked why, Amazon's only explanation is that they somehow associated the user's account with another which they had deemed involved in nefarious activity. Further requests for details were simply stonewalled. Nice!"

Slashdot Top Deals

MATH AND ALCOHOL DON'T MIX! Please, don't drink and derive. Mathematicians Against Drunk Deriving

Working...