http://www.metafilter.com/tags/vulnerability Posts tagged with 'vulnerability' at MetaFilter. Wed, 09 Jul 2008 18:57:48 -0800 Wed, 09 Jul 2008 18:57:48 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://www.metafilter.com/73180/And%2DDJBs%2D500%2Dis%2Dsafe%2Dfor%2Danother%2Dday <a href='http://blogs.zdnet.com/security/?p=1460'>A major flaw in the DNS system</a> is promised to be revealed at the next <a href='http://www.blackhat.com/'>Black Hat conference</a>. Convinced it was too important to wait, security researcher <a href='http://video.google.com/videoplay?docid=3470502418262982787'>Dan Kaminsky</a> <small>(video, autoplays)</small> convinced <a href='http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx'>several</a> <a href='http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml'>software</a> <a href='http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1'>vendors</a> to issue emergency patches today, before publicizing details of the attack. <a href='http://blogs.zdnet.com/security/?p=1466'>It can't be that serious though, can it</a>? <a href='http://www.matasano.com/log/1093/patch-your-non-djbdns-server-now-dan-was-right-i-was-wrong/'>Oh yes it can</a>. tag:metafilter.com,2008:site.73180 Wed, 09 Jul 2008 18:57:48 -0800 attack dankaminsky dns exploit flaw hack vulnerability Skorgu http://www.metafilter.com/68938/Fearless <a href="http://www.heart-2-heart.ca/men/page4.html">Why</a> <a href="http://gleez.com/blog/flickalanie/mens-fear">Real</a> <a href="http://www.students.haverford.edu/masar/documents/Fear_of_Men.pdf">Men</a> <a href="http://newscafe.ansci.usu.edu/archive/feb2001/0205_violence1.html">Don't</a> <a href="http://www.apa.org/monitor/julaug99/youth.html">Cry</a> <small>[<a href="http://www.youtube.com/watch?v=gXR3YdA3cjc">YouTube</a>]</small> On <a href="http://blogs.usatoday.com/onpolitics/2007/12/maybe-men-can-c.html"> the</a> other <a href="http://www.womensmedia.com/new/Clark-Nancy-New-York-Times.shtml"> hand</a>. tag:metafilter.com,2008:site.68938 Sat, 09 Feb 2008 12:25:05 -0800 Boys Emotions Expressions Feelings gender Men psychology Sensitivity sterotyping Vulnerability Women hadjiboy http://www.metafilter.com/59820/Introducing%2DJikto <a href="http://news.com.com/Tool+turns+unsuspecting+surfers+into+hacking+help/2100-1002_3-6169034.html?tag=nefd.lede">Klaatu barada...Jikto?</a> First there was <a href="http://www.cirt.net/code/nikto.shtml">Nikto</a>. Then along came <a href="http://www.sensepost.com/research/wikto/">Wikto</a>. Last Saturday at <a href="http://www.shmoocon.org/">Shmoocon</a> <a href="http://portal.spidynamics.com/blogs/spilabs/archive/2007/03/22/Speaking-at-Shmoo.aspx">Billy Hoffman</a> <a href="http://www.nytimes.com/cnet/CNET_2100-1002_3-6170223.html?_r=1&oref=slogin">introduced</a> the world to <a href="http://news.com.com/Tool+turns+unsuspecting+surfers+into+hacking+help/2100-1002_3-6169034.html?tag=nefd.lede">Jitko</a>, a client-side vulnerability scanner that exploits your browser &amp; turns your PC into a platform for finding holes in computers across the Internet (or behind your firewall). <a href="http://www.memestreams.net/thread/bid29678/">Reactions were mixed</a>. <a href="http://jeremiahgrossman.blogspot.com/2007/03/jikto-crossing-line.html">Does Jikto go too far?</a> tag:metafilter.com,2007:site.59820 Wed, 28 Mar 2007 13:40:05 -0800 ajax application client-side computer hacking javascript pentest scanner security vulnerability xss scalefree http://www.metafilter.com/53528/Tinfoil%2Dwallets%2Danyone <a href="http://www.youtube.com/watch?v=-XXaqraF7pI&amp;eurl="><a href="http://travel.state.gov/passport/eppt/eppt_2788.html#One">Technological convenience</a> or <a href="http://eecue.com/RFID_tech.pdf">target identifier?</a></a> In the most recent chapter in the RFID + US Passport story, LA-based security analysts <a href="http://www.flexilis.com/">Flexilis</a>--those of the <a href="http://www.makezine.com/blog/archive/2005/07/_defcon_rfid_wo.html">world record attempt RFID read</a> at last year's <a href="http://www.defcon.org/">DEFCON</a>--noticed a security vulnerability in the RF shielding being proposed for the October release of the next generation US passport. And they made a hell of a <a href="http://www.youtube.com/watch?v=-XXaqraF7pI&eurl=">proof of concept video</a> showing a possible exploit of the vulnerability. tag:metafilter.com,2006:site.53528 Thu, 03 Aug 2006 04:42:33 -0800 defcon flexilis rfid vulnerability quite unimportant http://www.metafilter.com/47134/Signaling%2DVulnerabilities%2Din%2DWiretapping%2DSystems <a href="http://www.crypto.com/papers/wiretapping/">Signaling Vulnerabilities in Wiretapping Systems.</a> The technology used for decades by law enforcement agents to wiretap telephones has a security flaw that <a href="http://www.nytimes.com/2005/11/30/national/30tap.html">allows the person being wiretapped to stop the recorder remotely</a> [<a href="http://www.bugmenot.com/view.php?url=www.nytimes.com">bugmenot</a>]. It is also possible to <a href="http://www.crypto.com/papers/wiretap.pdf">falsify the numbers dialed</a> [pdf]. tag:metafilter.com,2005:site.47134 Wed, 30 Nov 2005 12:59:09 -0800 calea fbi security vulnerability wiretap wiretapping event