Read My Lips: Let’s Kill 0Day

0day is cool.  Killing 0day, sight unseen, at scale — that’s cooler. If you agree with me, you might be my kind of defender, and the upcoming O’Reilly Security Conference(s) might be your kind of cons. Don’t get me wrong.  Offense is critical.  Defense without Offense is after all just Compliance.  But Defense could use […]

May 13, 2016

The Cryptographically Provable Con Man

It’s not actually surprising that somebody would claim to be the creator of Bitcoin.  Whoever “Satoshi Nakamoto” is, is worth several hundred million dollars.  What is surprising is that credible people were backing Craig Wright’s increasingly bizarre claims.  I could speculate why, or I could just ask.  So I mailed Gavin Andresen, Chief Scientist of the Bitcoin Foundation, “What the […]

May 4, 2016

Q&A with Gen. Philip Breedlove

Julian E. Barnes, Wall Street Journal. The Wall Street Journal sat down recently with Gen. Philip Breedlove, the top commander of U.S. and alliance forces in Europe, to discuss tensions with…

May 3, 2016

Validating Satoshi (Or Not)

SUMMARY: Yes, this is a scam.  Not maybe.  Not possibly. Wright is pretending he has Satoshi’s signature on Sartre’s writing.  That would mean he has the private key, and is likely to be Satoshi.  What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he […]

May 2, 2016

I Might Be Afraid Of This Ghost

CVE-2015-7547 is not actually the first bug found in glibc’s DNS implementation.  A few people have privately asked me how this particular flaw compares to last year’s issue, dubbed “Ghost” by its finders at Qualys.  Well, here’s a list of what that flaw could not exploit: apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, […]

February 21, 2016