Categories

Archives

Lenovo website DNS record hijacked

This has not been Lenovo’s finest hour. First, security experts found that Lenovo was shipping Superfish adware, which turned out to have malware potential. Then, the company completely mishandled the news about it, simultaneously declaring it to be both a security concern and not one. Spoiler alert: Superfish was a major security foul-up. Now, the […]

How to remove Superfish adware from your laptop

No one likes crapware–the adware and trial software that PC and smartphone vendors put on their devices. Until recently, though we rarely got actual malware installed on new computers. Now, thanks to Lenovo and Superfish Visual Discovery adware, we didn’t merely get injected ads in our search engine results, we also had our computer doors […]

Mission: Funding all those small but important open-source projects

In 2014, OpenSSL had a gigantic security problem: Heartbleed. Its root cause? A combination of blind trust in the open-source programming method and a shoe-string budget. Less than a year later Werner Koch, author and sole maintainer of the popular Gnu Privacy Guard (GnuPG) email encryption program, revealed he was going broke supporting GnuPG.

Koch’s […]

Fed up with Adobe Flash? Make it safer

We’re addicted to Adobe Flash, and it’s time to break the habit. In the last three months, multiple Flash security holes have been found and exploited. In the last two weeks alone, security expert Brian Krebs has reported that Adobe has released three emergency Flash security patches. Enough already.

Fed up with Adobe Flash? Make […]

GHOST, a critical Linux security hole, is revealed

Researchers at cloud security company Qualys have discovered a major security hole, GHOST (CVE-2015-0235), in the Linux GNU C Library (glibc). This vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords.

Qualys alerted the major Linux distributors about the security hole quickly and most have now released […]