December 8, 2016

U.S. Government Releases List Of Words They Look For Online

May 31, 2012 Zach Walton

It’s pretty obvious by now that the U.S. government wants to desperately spy on our online activities. Reports that the NSA is building a giant facility to intercept and record our communication are pretty bad, but groups like the NSA and FBI already watch for certain words online all in the name of protecting you from the bad guys. Thanks to the Freedom of Information Act, we now know what those words are. […]

Yahoo Axis Private Certificate Key Leaked at Launch

May 24, 2012 Sean Patterson

Though the security issue has been resolved, Yahoo slightly botched the launch of Axis, its new mobile browser and desktop extension, by leaking its private certificate file in the source code of the Chrome extension. The private certificate was used to sign the extension, and could have been used to create a false extension that would be authenticated as officially from Yahoo. […]

Apple Hires Kapersky Labs To Test Mac Security

May 17, 2012 Shaylin Clark

The Flashback malware threat that recently plagued Mac computers opened a lot of eyes to the fact that Apple’s computers may not be secure as their users have always believed. The Flashback malware attacked users’ Macs by means of a flaw in Java that allowed it to install on users’ computers without their knowledge. Apple ultimately dealt with the problem by releasing a tool that would remove it from infected computers, but not before the malware netted its creators as much as $10,000 per day in stolen ad revenue. […]

Oracle Offers Workaround After Confusion Leads to Zero-Day Disclosure

May 3, 2012 Trevor Boland

Many software developers offer bounty programs for their products. The concept is that someone finds an vulnerability and notifies the developers of the software for a reward. The point is to dissuade hackers from using the vulnerabilities by offering them something “better”(?). Of course one would think that, after the vulnerability is turned in and the reward given, the developer would scramble to correct the issue. Oracle seems to have a different process in place. […]