If Microsoft thinks old Tor clients are risky, why not Windows XP?
Microsoft has been removing outdated Tor clients, stating that they pose a security threat, but if that's the case, what about other outdated software? Isn't that a threat, too?
A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.
Microsoft has been removing outdated Tor clients, stating that they pose a security threat, but if that's the case, what about other outdated software? Isn't that a threat, too?
The law is open to interpretation when a white hat breaks into a computer system with the intention of helping a business out, but both sides still appear to be breaking the cardinal rule: Don't be a jerk.
Although NSA's elite joint special operations command brags that they've been able to track switched off mobile phones for almost a decade, no one quite knows how they did it.
We laughed at the tin foil nutters, called them crazy, but now that it's been found that the US is spying on everyone, of course they're nowhere in sight now that we need them.
Should we trust that LinkedIn won't do anything bad when we give it our email account credentials? The better question is: Why on Earth are we even doing that in the first place?!
It has the hallmarks of an advanced threat -- compromising the supply chain, being familiar with the server architecture -- but one startup managed to thwart being robbed by having a keen set of eyes and encryption in place.
Yahoo pays US$12.50 for a cross-site scripting vulnerability that could compromise email addresses. Does that mean it doesn't take security seriously? Not necessarily.
The worst happens: Your security vendor is caught out implementing double-decade-old and flawed algorithms to secure your password. But if administrators had picked a good password, it actually doesn't matter.
The incumbent Australian government might be clueless about its cybers when it crows on about the digital economy, but it turns out the Coalition isn't much to look at, either.
Buying a new phone every time you want to make a call is secure, but it's stupid if you want to do anything of value. Likewise, when it looks like companies are adopting a consistent two-factor system, I shake my head when they go in another direction in the interests of "security".
People worry that Google is accepting code from the NSA and pushing it into Android, but really, don't we want some of those code breakers showing us how to do it right?
When is two-factor authentication not? When it's as bypassable as Yahoo's.
Another report, another 'cyber' initiative. But we've been putting these projects, proposals, and plans out for years with very little difference in results or agenda. Which makes me wonder: Do we even understand what the 'cybers' are?
We need to have a lower tolerance for lax security, but we also need to encourage those that are actually trying to do the right thing.
The latest beta version of Red Hat's Fedora operating system now chooses not to mask passwords by default in its installation, but should this become a standard practice?