Wow more things to worry about, but the net is :
- Update your Windows system now. There is a 19 year old bug found in their SChannel security layer. IBM folks discovered it and allows software you download to take control
- Dark Hotel. This is a targeted attack where people in Hotels get what looks like proper downloads, but people have hacked the certificates for things like Flash Updates to include a payload. Apparently in Japan, but the British GCHQ has a similar targeted program (according to Snowden papers) focused on high value folks who get into hotels.
- 80% of all Americans think privacy is essentially gone and more than 50% think there needs to be more regulations
- Poodle is a hack against SSL 3.0 so you need to make sure the servers you use don’t have SSL 3.0 enabled.
Sent from under my “tin hat” 😉
The net conclusion is:
- Windows needs an update asap
- You really can’t trust downloads anymore even from “legitimate sources” It is too easy to pack payload into it either by hacking the certificate or by compromising the source. Or find someone who has gone through and at least figured which certificates are corrupted or have week encyprtion. Similar to the way that you can check to see which servers have bad SSH.
- Check the servers you use and make sure they don’t have SSL 3.0 enabled. As an aside 30% of all sites that have been scanned there are vulnerable.
![mac: OLCP stuck on boot after root patching and MBP 2014]({"aperture":"0","credit":"","camera":"","caption":"Photo by Anna Tarazevich on <a href="https://www.pexels.com/photo/resume-lettering-text-on-black-background-5598289/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"resume lettering text on black background","orientation":"0"})
![sec: Passkeys are everywhere how do I add to 1Password and Apple Keychain]({"aperture":"0","credit":"","camera":"","caption":"Photo by Oleksandr P on <a href="https://www.pexels.com/photo/person-with-keys-for-real-estate-7599735/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"person with keys for real estate","orientation":"0"})
![net: Argh Google Workspace Price increases keep coming]({"aperture":"0","credit":"","camera":"","caption":"Photo by ATBO on <a href="https://www.pexels.com/photo/black-padded-rolling-armchair-beside-desk-245219/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"black padded rolling armchair beside desk","orientation":"0"})
![av: MOONDROP littlewhite and Variations do rock]({"aperture":"0","credit":"","camera":"","caption":"Photo by Andrea Piacquadio on <a href="https://www.pexels.com/photo/woman-in-white-button-up-shirt-while-listening-to-music-3776839/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"woman in white button up shirt while listening to music","orientation":"0"})
![AV: Truly great Qudelix 5K with MOONDROP Variations Auto-eq (and Schitt Magni Soundsource shutoff)]({"aperture":"0","credit":"","camera":"","caption":"Photo by Shelagh Murphy on <a href="https://www.pexels.com/photo/grayscale-photo-of-people-raising-their-hands-1666816/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"grayscale photo of people raising their hands","orientation":"0"})
![tech: Synology NAS performance is 200 MBps and 500/700 IOPS good?]({"aperture":"0","credit":"","camera":"","caption":"Photo by Pixabay on <a href="https://www.pexels.com/photo/close-up-of-electric-lamp-against-black-background-248747/" rel="nofollow">Pexels.com</a>","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"close up of electric lamp against black background","orientation":"0"})
