/security/ Archive

Most people don’t really care

While reading an article on Ars Technica about the fact that 20 hotel chains were hacked and credit card data was exposed, I remembered a local case I came across a while back with a small rural hotel where the reservation system was using an old PHP form to submit the reservation data via

Full Path Disclosure from Kaspersky

If you were to go now to the Kaspersky Cybermap website from a country other than an English-speaking one, you would be prompted with a PHP notice and a PHP warning which cause a full path disclosure on Kaspersky’s website: Apparently the cybermap script is supposed to pull the verbiage related to languages other than English

Where Android beats Windows

For quite a while Windows was seen as the worst operating system ever in terms of security. There were so many vulnerabilities in the proprietary source code built by Microsoft that in the early 2000s, at the dawn of botnets, a lot of people thought Windows was doomed. And if that weren’t enough the third party

Who saw this coming?

According to an article from ADSL Zone [ES], the HTTP/2 protocol has severe security flaws that put up to 85 million sites at risk. I must admit that I didn’t see this coming given that following extensive patches in the standard HTTP protocol you’d expect the next generation one to be much more secure. Fortunately

Let’s Encrypt came too late

When I first heard about Let’s Encrypt I was pretty skeptical simply because I didn’t think someone could offer for free what Comodo and many others were offering for at least $50 a year without any backfires. And if the unfair competition perfectly patented before by companies like Microsoft would have been the least of