I spent some time over the weekend playing with Pfsense, and I can’t say much about it other than it does what it says. I didn’t throw a ton of hardware at it–the best motherboard I have laying around is a late P4-era Celeron board, and the best network card I could find was, believe […]
Today I found an article in PC World that gives a somber assessment of the state of consumer routers, like the device that probably sits between you and the Internet. I’m glad this is getting attention. There’s a lot more to it than what’s in the PC World article, but I’ve droned enough about what’s […]
I was listening to the excellent Risky Business analysis of the Droidpocalypse this week, and I’m happy to report that the vulnerability that affects 90% of Android devices ever made, while serious, is vastly overstated.
A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame. Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by […]
Secunia released its annual vulnerability review, a study of the 50 most vulnerable pieces of software in 2012. It was a fairly tight-three way race at the top, and the distance between #3 and #4 was huge. I was actually surprised at who the top three were. They weren’t the three usual suspects. But in […]
Apple just uncovered and fixed a vulnerability that allowed an exploit to re-enable Java in a browser when it’s been disabled, which then of course allows a litany of exploits. There are two lessons here. Macintoshes are hackable just like any other device, and latent software can be re-enabled. If you don’t think someone’s trying […]
Did you know Adobe released three Flash updates this month? And that every last one of them was absolutely, positively necessary? (At the time. They’re cumulative.) Seriously, you need a computer to keep track of all this stuff. Secunia PSI is a free program to keep track of these updates and pull them down and […]