Irony is one of those things that is not appreciated by security guys. They do not find humor in it nor do they enjoy it when someone points an ironic situation involving them out. This has to be the case for the privacy company LifeLock. A pair of security researchers (Eric Taylor and Blake Welsh) have found an interesting feature in LifeLock’s web site. The flaw allows for a cross-site scripting attack to be used to do a fair amount of damage including injecting malware.
When you use a search engine like Yahoo or Google you expect to get relevant results for your efforts. In many cases this does really happen, but often times we enter what we are looking for and find very little that relates to the actual search. One of the reasons for this is (and has been for a long time) the ability of search providers to artificially alter the search results through internal ranking systems. Google and Yahoo both have done this in the past and in some cases with good reason.
Cisco has acknowledged (and released patches for) a fairly serious security bug in three of their virtual appliances that, oddly enough, are related to security. The three products in question are the Cisco Web Security Virtual Appliance, the Email Security Virtual Appliance and the Security Management Virtual Appliance. These three devices all share a default preinstalled SSH encryption key. This meddlesome little fact means that it is very simple to get into an SSH session because you can grab the key off of another copy of the product. We are pretty sure that the default keys are already floating around on the internet somewhere as well.
Over the course of its development there has been a lot to like about Windows 10. There seems to be a good blend of the traditional Windows desktop with some of the touch-centric features that Microsoft tried to force in Windows 8. You are also getting more than a few performance improvements including DX12. If you have not heard about all of the goodness in DX12 you are in for quite a pleasant surprise. However, despite all of the good there is in Windows 10 there seems to be a group at Microsoft that have still not learned lessons from the past.
When Microsoft and Sony announced the move to x86-64 based gaming consoles some (pronounce that many) in the gaming community were more than a little annoyed that they would not be able to play their older games. Both companies hoped that the move would drive gaming innovation and also get people to buy new games as well as leave the option for developers to create new versions of older games with improved graphics. We saw both of these start to happen during the first few months of the Xbox One and PS4’s life. Now that things are settling down we are finally getting to a time when companies are going to circle back around to those older games.
The term privacy has come to mean a great many things in the last few years. To some the idea of privacy is being able to do or say certain things without the fear of anyone finding out. Most people like to know that what they do on their own time is their business. Where things get a little muddy is when people liken the desire for privacy with a desire to hide wrongdoing. This belief couldn’t be farther from the truth . It is not just that it is wrong, but it is also dangerous. To imply that anyone that wants to have privacy is somehow hiding something illegal sets a dangerous precedent. Keeping this mentality alive will allow for a further erosion of peoples’ rights and grants very worrying powers to agencies that are there to protect, not to oppress.
During pre-show events at E3 Bethesda decided to release information about a few games including Dishonored 2, Fallout 4 and DOOM. All three of these games have been staples in the gaming community for a number of years and all three (if done right) can expect to continue their respective names well into the future.
Today I was asked why we do not attend the Electronic Entertainment Expo (E3). It was a valid question, but the answer is not really all that simple. If I had to be blunt I would say that we stopped covering E3 when it became one big misdirection. Over the years E3 changed from a real showcase for games and software and more of chance to show off games in a way that they will never end up for the consumer.
At Computex 2015 Intel has announced a few nice additions to the Broadwell line up which bring Iris Pro graphics to the table. The new CPUs are touted as the first LGA CPUs to have Iris Pro in them which might not seem like a big deal, but if leveraged right could have a significant impact on the market. Intel is also pushing out mobile Core i5 CPUs with Iris Pro 6200 with this launch making their more advanced graphics available to a broader range of products.
There is nothing worse than thinking you are protecting your internet travels when in reality you are participating in a giant botnet. That appears to be the case that is happening with VPN provider Hola. According to security researchers the use of the service still leaves you at risk of being tracked regardless of what you do and leaves you at even greater risk than just tracking.