vulnerability
Worst languages for software security
- Albert Zenkoff
- 2016-01-19
- Technology, C/C++, Development, Java, languages, misleading, OWASP, philosophy, problem, quality, security promise, vulnerability, web application
I was sent an article about program languages that generate most security bugs in software today. The article seemed to refer to a report by Veracode, a company I know well, to discuss what software security problems are out there in applications written in different languages. That is an excellent question and a very interesting ...
Read More
GAO report on cybersecurity in Air Traffic Control is outright scary
- Albert Zenkoff
- 2015-04-17
- Society, aircraft, airplane, control system, FAA, firewall, GAO, in-flight, network, terror, terrorist attack, USA, vulnerability
The fact that the modern aircraft can be controlled from the ground is not widely publicized but known. There was though a lot of controversy, including among specialists, about how much of control could be intercepted by unauthorized 3rd parties. Well, now the extent of the problem is confirmed officially. The U.S. Government Accountability Office ...
Read More
Heartbleed? That’s nothing. Here comes Microsoft SChannel!
- Albert Zenkoff
- 2014-11-13
- Technology, attack, critical, HeartBleed, library, Microsoft Secure Channel, no mitigation, no workaround, patch, remote, remote code execution, SChannel, vulnerability, WinBleed
The lot of hype around the so-called “Heartbleed” vulnerability in open-source cryptographic library OpenSSL was not really justified. Yes, many servers were affected but the vulnerability was quickly patched and it was only an information disclosure vulnerability. It could not be used to break into the servers directly. Now we have Microsoft Secure Channel library ...
Read More