All posts tagged vulnerability

I don’t want my light bulbs on the Internet

I heard this week that the first vulnerability in smart light bulbs has been discovered–they can leak your wifi password. I suppose I can take comfort in the cost of the bulbs–they cost $129, which means not a lot of people will have them, in a world where people complain about paying $5 for an […]

The Tampa Post on “Windows Service Center” scams

The Tampa Post’s technology Q&A columnist received a letter this weekend (toward the bottom of the link) about Windows tech support scammers. From the article: The people performing the hoax sound remarkably professional and officious. Depending on what you say to them, results vary a lot. When they call me, they’re anything but professional. Especially […]

Microsoft was wrong whether it patched XP this time or let it burn

Years ago I heard a joke that reminds me of the situation Microsoft found itself in last week with its latest IE vulnerability: If a man is alone in a forest, and there’s no woman there to hear him, is he still wrong? I was as shocked as anyone when Microsoft released just one last […]

The publicity around security is a good thing

On one of the podcasts I listen to, two of the hosts questioned whether the publicity around recent security vulnerabilities are a good thing. As a security professional who once studied journalism, I think it’s a very good thing, and it’s going to get better. I liken it to the rise of computer virus awareness.

How to patch less

One of my former supervisors now works for a security vendor. He told me the other day that someone asked him, “Does your company have anything so I don’t have to patch anymore?” The answer, of course, is that there’s nothing that gets you out of ever having to patch anymore. To some degree you […]

More about Pfsense, the alternative to the crappy consumer router

I spent some time over the weekend playing with Pfsense, and I can’t say much about it other than it does what it says. I didn’t throw a ton of hardware at it–the best motherboard I have laying around is a late P4-era Celeron board, and the best network card I could find was, believe […]

Consumer routers are the security vulnerability of the year, so far

Today I found an article in PC World that gives a somber assessment of the state of consumer routers, like the device that probably sits between you and the Internet. I’m glad this is getting attention. There’s a lot more to it than what’s in the PC World article, but I’ve droned enough about what’s […]

Read this if you have a D-Link router

Leave it to a security vulnerability to interrupt a perfectly good discussion, but it doesn’t get much worse than this. If you have an older D-Link router, it’s possible to completely bypass the authentication on its administrative web interface.

The trouble with routers

I see the advice going around, again, to disable the Windows firewall and rely on an external router, the justification being that it makes your computer “invisible.” It doesn’t. Only IPV6 can do that–and then, only if you don’t use it for anything. The trouble with that advice is that there are botnets targeting routers. […]

Reports of the Droidpocalypse have been greatly exaggerated

I was listening to the excellent Risky Business analysis of the Droidpocalypse  this week, and I’m happy to report that the vulnerability that affects 90% of Android devices ever made, while serious, is vastly overstated.