Slack hacked. Responds with transparency.
A role model for others.
Author: Andreas
-
Wieland Alge, Barracuda VP, about the Security Industry
For short: “Get real”. A few good points, still from somebody from inside the industry that produces security software. -
Github Under JS-Based "Greatfire" DDoS Attack, Allegedly From Chinese Government
Github is under attack from the Chinese Government, Slashdot writes.
via Github Under JS-Based “Greatfire” DDoS Attack, Allegedly From Chinese Government – Slashdot.
-
Deutsche Telekom und das Internet
Die Telekom hat offenbar ein anderes Internet, das kein IP verwendet. Oder das ist Satire.
Im sogenannten Voice-over-IP-Verfahren (VoIP) wird bereits mittels Datenverbindung über das Internet telefoniert, etwa über die Computersoftware Skype. Ein Ersatz für den herkömmlichen Telefonanschluss ist VoIP per PC allerdings nicht, denn sie bietet vergleichsweise geringen Komfort und Verbindungsabbrüche sind an der Tagesordnung.
Aber:
Das ist beim Telefonieren über das Internet Protokoll ganz anders: Die Gesprächsverbindungen über IP erfolgen in hervorragender Sprachqualität und dem Kunden stehen alle Bequemlichkeiten moderner Telefon-Features zur Verfügung.
-
10 Myths of Enterprise Python
PayPal Engineering Blog: 10 Myths of Enterprise Python.
via ycombinator.
-
Rouge CAs and certificate pinning.
A intermediate CA, held by MSC Holdings, issued by CNNIC, the Chinese NIC, apparently issued certificates for unauthorized domains. The problem was detected by Google for their domains through pinned certificates in their browser.
Google Online Security Blog: Maintaining digital certificate security.
-
The issue with Crypto.
Encrypted email is still not popular, because this is so embarrassing:
-
Exploiting the DRAM rowhammer bug to gain kernel privileges
For the sake of having this here. Manipulating bits in memory is a big deal in multi-tenant virtualized and cloud environments, aka public cloud. Unfortunately this is a hardware issue and not something that a software patch will solve. Only new physical deployments can solve that problem. So rowhammer will be a nightmare for a while…
via Project Zero: Exploiting the DRAM rowhammer bug to gain kernel privileges.
-
Hello, Sofia!
Oh hai Bulgaria!
-
eMail. Still.
Year 2015. Still eMail is the predominant means of communication. Everybody hates it, most companies make an effort to ban it. Atos wanted to go email free, Telekom shuts off their servers, Daimler even deletes email for people on vacation. Even I receive emails, saying “I need this, but I cannot answer”, quoting the “email free day policy”. Despite all effort, nobody succeeds.
Why? Unclear. While I think email should be banned myself, I have difficulties offering a better option. But I develop a feeling for why this is happening. This morning somebody mentioned he’ll be posting into a slack.com channel. That company claims to simplify communication, make teamwork less painful and busy, all searchable. As if nobody else tried that. And even if slack.com does a good job in what they aim for, they are just another solution.
In my personal, active use are trello.com, Pocket, Salesforce chatter. While my company introduces a community, colleagues swear on private Facebook groups or WhatsApp for simplified communication. Not to mention the tools customers and businesspartners are using. Popular among these are Jive, Atlassian Jira, SAP Jam, but not limited, I’ve seen self hosted communities, bug trackers and ticketing tools.
It’s difficult to keep track of all these tools. But they all send notifications through email.
Which tool do you use to communicate?