Even before the recent NSA revelations, increasing interest in online privacy led Nadim Kobeissi to develop Cryptocat, an easy to use, secure, web-based chat client.
Unfortunately, Cryptocat – until recently – had a serious flaw. A programming error limited the total possible secure keys to a number small enough to make cracking them trivially easy. The person who discovered the flaw created a demonstration program, and the flaw was quickly fixed, but Cryptocat had been running in this flawed state for at least seven months, possibly longer.
Anyone using Cryptocat versions earlier than 2.0.42 should upgrade immediately. Cryptocat typically runs as a web browser add-on or plugin.
The next batch of updates from Microsoft will become available starting at about 10am PST on July 9. This month’s patches comprise seven bulletins – four of which are flagged as critical – addressing vulnerabilities in Windows, the .NET Framework, Silverlight, Internet Explorer and the GDI+ subsystem.
It remains unclear exactly what the credit card companies have against VPN services. Virtual Private Networking has many legitimate uses, and VPN solutions are commonplace in the business world. Anywhere remote access to corporate systems is necessary, VPN is just good security. No doubt Visa’s and Mastercard’s true motives will be revealed in the coming days.
The latest installment (warning: PDF) of the user-focused Ouch! newsletter from SANS discusses ‘spearphishing’. As in regular phishing, the goal of the attacker is to gain access to computers, systems and services. The difference is that while phishing is targeted very broadly, spearphishing targets specific companies, organizations or even individuals. Attackers typically use this technique to gain access to valuable targets like banks.
When Microsoft first started talking about making the Windows user interface more like the XBox 360 UI, I wondered if that also meant we would be seeing advertising in Windows 8. I was both surprised and relieved to see that the Windows 8 Start screen was not filled with ads, which alas cannot be said of the XBox 360 UI.
Well, that relief was short-lived. It was recently announced by Microsoft that the search function built into Windows will display advertising, starting with the Windows 8.1 update. As you read the announcement, marvel at the way advertising will “mak[e] it easier for consumers to complete tasks.” Nice try.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.