|
This is the most serious bug you'll hear about this week: the issues identified and fixed in OpenSSH are dubbed CVE-2016-0777 and CVE-2016-0778. Though by the time you read this, it will be less serious.
|
|
|
|
|
bugs 777 & 778. There were more than 700 bugs found in just the last two weeks? Yikes!
Decrease the belief in God, and you increase the numbers of those who wish to play at being God by being “society’s supervisors,” who deny the existence of divine standards, but are very serious about imposing their own standards on society.-Neal A. Maxwell
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
And that are the ones getting public. Who knows how many are just undercovered or just kept in secret to be exploited by the finder?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Well, it is open source, which kinda negates the "secrecy" you claim.
Decrease the belief in God, and you increase the numbers of those who wish to play at being God by being “society’s supervisors,” who deny the existence of divine standards, but are very serious about imposing their own standards on society.-Neal A. Maxwell
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
The secrecy I mean is not related to "open source". It is related to... oh, this bug is reaaaalllyyy difficult to be found and it grants the possibility of XXXX
If the guy is nice, will make it public. If the guy wants to take profit, won't make it public and try to exploit as long as possible.
In other words... it has to do with Ethic and good conscience.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Ah, I see what you mean. There may be some of that. But there is also a well-funded team that is tasked with "debugging" OpenSSH/OpenSSL. So it may be that the first 700 or so bugs were mostly minor.
Decrease the belief in God, and you increase the numbers of those who wish to play at being God by being “society’s supervisors,” who deny the existence of divine standards, but are very serious about imposing their own standards on society.-Neal A. Maxwell
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
I know, but... Was not last year when a quite severe error was found in something being used the last years and supposed very secure?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
True, hence the group was formed and funded.
Decrease the belief in God, and you increase the numbers of those who wish to play at being God by being “society’s supervisors,” who deny the existence of divine standards, but are very serious about imposing their own standards on society.-Neal A. Maxwell
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
GUID generation algorithm 4 fills the GUID with 122 random bits. The odds of two GUIDs colliding are therefore one in 2¹²², which is a phenomenally small number. When you are dealing with rates this low, you have to adjust your frame of reference. Monday Morning Math
|
|
|
|
|
|
Brett asked on Twitter if people would be interested in having him write down the history behind his decision to choose GitHub for Python's future development process and people said "yes"(some literally), hence this blog post. Gather 'round.
|
|
|
|
|
|
Sean Ewington wrote: Gather 'round.
Brought back an old memory;
Come writers and critics
Who prophesize with your pen
And keep your eyes wide
The chance won't come again
And don't speak too soon
For the wheel's still in spin
And there's no tellin' who
That it's namin'
For the loser now
Will be later to win
For the times they are a-changin'.
New version: WinHeist Version Tequila, the nigh time, snuffly, sneezing, how the hell did I end up on the bathroom floor medicine.
|
|
|
|
|
How many people does it take to fix a tractor? A year ago, I would have said it took just one person. One person with a broken tractor, a free afternoon, and a box of tools. I would have been wrong. Welp, throw it out and buy a new one.
|
|
|
|
|
I watched a Defcon video about this.
|
|
|
|
|
And it is not only in the states...
I start thinking that brad pitt was right in the fight club. Maybe is the best, to have a day zero.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Wow! This is what Richard Stallman (Richard Stallman - Wikipedia, the free encyclopedia[^]) has been talking about for over 30 years now.
The original problem he encountered was printer hardware bug and how he coudn't fix it because the software was proprietary and closed -- very similar to the tractor problem.
Amazing how far software has come (and still not changed).
It is a big challenge of course, because there are many people who rip off technology.
|
|
|
|
|
A blog post by ex-Bitcoin developer Mike Hearn has highlighted dysfunctional management right at the top of Bitcoin development. "It's those users, man."
|
|
|
|
|
|
With automakers and technology companies rushing to develop self-driving cars, the Obama administration on Thursday pledged to expedite regulatory guidelines for autonomous vehicles and invest in research to help bring them to market. Back-scratching seems more expensive. Inflation, I guess.
|
|
|
|
|
Twenty nations with significant atomic stockpiles or nuclear power plants have no government regulations requiring minimal protection of those facilities against cyberattacks, according to a study by the Nuclear Threat Initiative. War. War never changes.
|
|
|
|
|
Yahoo Labs has released a record-breaking dataset containing 110 billion interactions from 20 million Yahoo News users in 1.5TB of zipped data. The anonymized data is intended for research initiatives in artificial intelligence, including user-behavior modeling, collaborative filtering techniques and unsupervised learning methods. Thankfully I only read the classiest of news.
|
|
|
|
|
Netflix says it will step up enforcement against subscribers who use VPNs, proxies, and unblocking services to mask their locations. It's as if millions of VPNs suddenly cried out in terror and were silenced
|
|
|
|
|
I suspect this is mainly to keep the media companies happy.
|
|
|
|
|
taps nose
Thanks,
Sean Ewington
CodeProject
|
|
|
|