Extinguishing Firesheep for safe WiFi browsing
Firesheep has already taught 750,000 people how to hijack your unencrypted WiFi sessions with a single click. So here's how to extinguish Firesheep with a technological defence that you can put...
View ArticleOracle issues rare out-of-band update for Apache DDoS vulnerability
Giant enterprise database company Oracle has published an out-of-band security update for the recent Apache DDoS vulnerability. Out-of-band updates from Oracle are rare, so this one spells one word,...
View ArticleIs your smartphone telling every website you visit your telephone number?
O2 mobile users in the UK are venting on Twitter today, fuming at their discovery that their phone number is being shared with every website that they visit over the network. But users of other mobile...
View ArticleSecurity spill at the IEEE
By its own account, the IEEE is the world's largest professional association for the advancement of technology. Not quite the organisation you'd expect to store 100GB of HTTP logs in a world readable...
View ArticleCERN Geneva celebrates 20 years of the World Wide Web
It was twenty years ago today/That the World Wide Web came out to play... On 30 April 1993, CERN Geneva officially put the Web, and the early client and server side software that made it work, into the...
View ArticleHow much security would you expect in a $60 light globe?
"Honey, why are the lights flashing 'URPWN3D' in Morse code?" If you spent a cool $60 each on light globes (bulbs) from the Apple store... ...how much security would you expect?
View ArticleHTTP error code 451: "Unavailable For Legal Reasons"
You're probably familiar with the number 404: "Web Page Does Not Exist." But you probably haven't heard of 451, a new proposal with an interesting etymology. Paul Ducklin takes a look...
View ArticleNext version of the web will have resistance to surveillance at its core
The Internet Engineering Task Force is planning changes to the fundamental protocol that powers the web to make it more resistant to surveillance.
View ArticleSSCC 183 - It's Data Privacy Day! Do something! [PODCAST]
From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!
View ArticleHow one man could have deleted any photo album he could see on Facebook
Facebook is probably the biggest collection of photographs ever assembled so it would be pretty bad if one man could delete every last one of them with his phone. Thankfully that's what Laxman Muthiyah...
View ArticleUpdate Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug
We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception. The Microsoft HTTP stack has a bug that could let attackers straight in with a...
View ArticleD-Link router user? Keep your ears and eyes open for the next firmware fixes!
A critical bug that leaves various D-Link routers wide open has apparently been patched... ...except that the patches need patches. Watch out!
View ArticleWelcome to HTTP error code 451: Unavailable for legal reasons
It's meant to let you know that you're not seeing what you want to see because a site's been blocked for legal reasons, be it censorship or otherwise.
View ArticleGoogle to slap warnings on non-HTTPS sites
HTTP sites, Google's coming for you with its red "Not Secure" paint brush: exclamation mark, triangle and all!
View ArticleFirefox locks down its future with HTTPS ‘secure contexts’
Firefox developers must start using ‘secure contexts’ for new features “effective immediately.”
View ArticleYou have five months to switch your website to HTTPS
Starting in July, Google Chrome will mark all HTTP sites as ‘not secure’.
View ArticleChrome drops ‘secure’ label for HTTPS websites
When it comes to browser security, how important are the address bar icons and labels that tell users about a site’s security status? For Google at least, they matter a lot.
View ArticleWhy your website is officially ‘not secure’ from today
Chrome will mark all HTTP sites as "not secure" starting on Tuesday - an important milestone on the road to HTTPS everywhere.
View ArticleHTTP/3: Come for the speed, stay for the security
Key personnel at the Internet Engineering Task Force (IETF) have suggested basing the next version of a core web protocol on Google technology.
View ArticleFBI warns users to be wary of phishing sites abusing HTTPS
Why you shouldn't trust a website simply because it's secured using HTTPS and backed by the green padlock symbol.
View Article
More Pages to Explore .....