FreshRSS

πŸ”’
☐ β˜† βœ‡ Naked Security

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

By Paul Ducklin β€” February 9th 2023 at 19:41
Latest epsiode. Listen now!

☐ β˜† βœ‡ Naked Security

OpenSSL fixes High Severity data-stealing bug – patch now!

By Paul Ducklin β€” February 8th 2023 at 02:58
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...

☐ β˜† βœ‡ Naked Security

OpenSSH fixes double-free memory bug that’s pokable over the network

By Paul Ducklin β€” February 3rd 2023 at 17:59
It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code...

☐ β˜† βœ‡ Naked Security

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

By Paul Ducklin β€” November 3rd 2022 at 17:51
Listen now - latest episode - audio plus full transcript

☐ β˜† βœ‡ Naked Security

The OpenSSL security update story – how can you tell what needs fixing?

By Paul Ducklin β€” November 3rd 2022 at 00:44
How to Hack! Finding OpenSSL library files and accurately identifying their version numbers...

ossl-code-1200

☐ β˜† βœ‡ Naked Security

OpenSSL patches are out – CRITICAL bug downgraded to HIGH, but patch anyway!

By Paul Ducklin β€” November 1st 2022 at 17:24
That bated-breath OpenSSL update is out! It's no longer rated CRITICAL, but we advise you to patch ASAP anyway. Here's why...

☐ β˜† βœ‡ Naked Security

OpenSSL fixes two β€œone-liner” crypto bugs – what you need to know

By Paul Ducklin β€” July 6th 2022 at 16:52
"As bad as Heartbleed"? We heard that concern a week ago, but we think it's less ungood than that...

☐ β˜† βœ‡ Naked Security

S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]

By Paul Ducklin β€” June 30th 2022 at 12:57
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!

☐ β˜† βœ‡ Naked Security

OpenSSL issues a bugfix for the previous bugfix

By Paul Ducklin β€” June 24th 2022 at 15:32
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.

☐ β˜† βœ‡ Naked Security

OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default

By Paul Ducklin β€” April 11th 2022 at 16:58
Useful quantum computers might not actually be possible. But what if they are? And what if they arrive, say, tomorrow?

cat-1200

☐ β˜† βœ‡ Naked Security

OpenSSL patches infinite-loop DoS bug in certificate verification

By Paul Ducklin β€” March 18th 2022 at 17:59
When it comes to writing loops in your code... never sit on the fence!

☐ β˜† βœ‡ Naked Security

Serious Security: OpenSSL fixes β€œerror conflation” bugs – how mixing up mistakes can lead to trouble

By Paul Ducklin β€” December 17th 2021 at 17:57
Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!

☐ β˜† βœ‡ Naked Security

Mozilla patches critical β€œBigSig” cryptographic bug: Here’s how to track it down and fix it

By Paul Ducklin β€” December 3rd 2021 at 17:58
Mozilla's cryptographic code had a critical bug. Problem is that numerous apps are affected and may need patching individually.

❌