Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Security Journalists Fail to Protect Themselves (

Mirko writes: "A recent survey of the cyber security habits of the working press raises interesting questions about the practices of users in general. In spite of the high visibility the media has given to cyber security, members of the press are dropping the ball in efforts to protect themselves against online threats. The survey found that 80 percent of media staff rarely or never inform their network administrator of online security concerns they encounter. More than half don't change their passwords, or rely on their company to do it for them, even though 13 percent have experienced critical data loss or system failure due to malware to their systems."

Submission + - Null-prefix SSL Attacks Now In The Wild

An anonymous reader writes: Moxie Marlinspike, who recently published new attacks on SSL at Defcon 17, seems to have released the new version of sslsniff which supports these attacks. While the release appears to coincide with a patch from Mozilla, every product that uses the Microsoft CryptoAPI is still vulnerable, including Internet Explorer and Outlook. The new version of sslsniff also supports built-in modes for hijacking software auto-updates that depend on SSL, and apparently includes techniques for defeating OCSP as well — making the elimination of existing null-prefix certificates difficult.

Slashdot Top Deals

"my terminal is a lethal teaspoon." -- Patricia O Tuama