[Previous] Should Social Security Be Progressive? « The Baseline ...

 [Next] Scarlett Johansson says privacy invasion is unjust,... | ...

Some related posts from Technorati and Google.

[TechNet Blogs] Is SSL broken? – More about Security Advisory 2588513 - Security ...: Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

[Analysing all aspects of modern Security] Microsoft releases Security Advisory 2588513 – MSRC – Site Home: Later versions of TLS (1.1 and 1.2) are not susceptible to this approach; our Security Advisory gives guidance on how to enable TLS 1.1 and 1.2 for customers who believe themselves to be at significant risk from this issue.

[Security Research & Defense] Details on the New TLS Advisory: Renegotiation is a feature of the TLS protocol, described in RFC 2246 which allows either peer to renegotiate the parameters of a protected connection at any point in time. An attacker could exploit this vulnerability by intercepting a legitimate connection from a client, then initiating a renegotiation to the vulnerable server, or by piggybacking on a TLS renegotiation initiated by the web server.

[The Security Blog » Latest InfoSec Threat Research & News | TheSecurityBlog.com] SSL: Threatened by a BEAST of Prey – Security Threat Research ...: As we commented previously, the issues up to now have been primarily about trust issues with certificate authorities, like DigiNotar and GlobalSign, rather than about the underlying protocols. The BEAST (Browser Exploit Against SSL/TLS) code planned for demonstration at the Ekoparty conference is something different: it appears to be a direct attack on the confidentiality of the TLS protocol by decrypting HTTPS requests. 

[Site Home] Page: August 2010 Security Bulletin Release Webcast Q&A: In the context of this bulletin, customers of Silverlight 2 and Silverlight 3 can upgrade to either the latest build of Silverlight 3 which addresses the vulnerability, or upgrade to the latest build of Silverlight 4 which is not affected by this vulnerability.

[Federal Advisory Committee Blog] Aneesh Chopra Reflects on Progress to Date & What is to Come: The final blog postings below from Dr Charles Jaffee, HL7, and Clay Shirky, Consultant/Internet technologies, are meant to summarize and further entice discussion and discourse on our seven topics and our interest in pulling forward standards adoption. We will keep the Online Health Forum open for your comments until December 1st.  Following that, the Implementation work group will consolidate our ideas and make recommendations to the HIT Standards Committee in early 2010.

Reflected tags on Technorati: Blog, Security, Global Security Watch