Sean Kalinich

Sean Kalinich

Hacking Team's Spyware source code released to the wild after Hack
Published in News

The Italian Security firm Hacking Team is now admitting that their spying software is potentially in the hands of bad guys. After a hack that saw roughly 400GB of company information liberated from their systems they have been monitoring what is being released online. They have now concluded that there is sufficient source code for their monitoring applications to allow someone to mount the same style surveillance that they were providing to their clients.

Cross-Site Scripting Flaw found in US ID Protection Company LifeLock's site
Published in News

Irony is one of those things that is not appreciated by security guys. They do not find humor in it nor do they enjoy it when someone points an ironic situation involving them out. This has to be the case for the privacy company LifeLock. A pair of security researchers (Eric Taylor and Blake Welsh) have found an interesting feature in LifeLock’s web site. The flaw allows for a cross-site scripting attack to be used to do a fair amount of damage including injecting malware.

When you use a search engine like Yahoo or Google you expect to get relevant results for your efforts.  In many cases this does really happen, but often times we enter what we are looking for and find very little that relates to the actual search. One of the reasons for this is (and has been for a long time) the ability of search providers to artificially alter the search results through internal ranking systems.  Google and Yahoo both have done this in the past and in some cases with good reason.

Cisco SSH key bug in virtual security appliances leads to some questions
Published in News

Cisco has acknowledged (and released patches for) a fairly serious security bug in three of their virtual appliances that, oddly enough, are related to security. The three products in question are the Cisco Web Security Virtual Appliance, the Email Security Virtual Appliance and the Security Management Virtual Appliance. These three devices all share a default preinstalled SSH encryption key. This meddlesome little fact means that it is very simple to get into an SSH session because you can grab the key off of another copy of the product. We are pretty sure that the default keys are already floating around on the internet somewhere as well.

Over the course of its development there has been a lot to like about Windows 10. There seems to be a good blend of the traditional Windows desktop with some of the touch-centric features that Microsoft tried to force in Windows 8. You are also getting more than a few performance improvements including DX12. If you have not heard about all of the goodness in DX12 you are in for quite a pleasant surprise. However, despite all of the good there is in Windows 10 there seems to be a group at Microsoft that have still not learned lessons from the past.

When Microsoft and Sony announced the move to x86-64 based gaming consoles some (pronounce that many) in the gaming community were more than a little annoyed that they would not be able to play their older games. Both companies hoped that the move would drive gaming innovation and also get people to buy new games as well as leave the option for developers to create new versions of older games with improved graphics. We saw both of these start to happen during the first few months of the Xbox One and PS4’s life. Now that things are settling down we are finally getting to a time when companies are going to circle back around to those older games.

The term privacy has come to mean a great many things in the last few years. To some the idea of privacy is being able to do or say certain things without the fear of anyone finding out. Most people like to know that what they do on their own time is their business. Where things get a little muddy is when people liken the desire for privacy with a desire to hide wrongdoing. This belief couldn’t be farther from the truth . It is not just that it is wrong, but it is also dangerous. To imply that anyone that wants to have privacy is somehow hiding something illegal sets a dangerous precedent. Keeping this mentality alive will allow for a further erosion of peoples’ rights and grants very worrying powers to agencies that are there to protect, not to oppress.

During pre-show events at E3 Bethesda decided to release information about a few games including Dishonored 2, Fallout 4 and DOOM. All three of these games have been staples in the gaming community for a number of years and all three (if done right) can expect to continue their respective names well into the future.

Monday, 15 June 2015 15:08

E3 and why we just do not bother

Today I was asked why we do not attend the Electronic Entertainment Expo (E3). It was a valid question, but the answer is not really all that simple. If I had to be blunt I would say that we stopped covering E3 when it became one big misdirection. Over the years E3 changed from a real showcase for games and software and more of chance to show off games in a way that they will never end up for the consumer.

At Computex 2015 Intel has announced a few nice additions to the Broadwell line up which bring Iris Pro graphics to the table. The new CPUs are touted as the first LGA CPUs to have Iris Pro in them which might not seem like a big deal, but if leveraged right could have a significant impact on the market. Intel is also pushing out mobile Core i5 CPUs with Iris Pro 6200 with this launch making their more advanced graphics available to a broader range of products.