security

meltdown-spectre-logo
Mozilla has confirmed web-based attack vector for Meltdown and Spectre CPU bugs

“Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins,” said Luke Wagner, a software engineer with the Mozilla Foundation. from: https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/

redditlogo
reddit – Meltdown & Spectre CPU security vulnerability megathread

Meltdown & Spectre Megathread from sysadmin (Click on the link above for more.)

phoronix logo
Phoronix benchmarks from intel security bug fix testing look… terrifying.

https://www.phoronix.com/scan.php?page=article&item=linux-415-x86pti&num=2 🙁

Intel Chip Broken
The Register reports: “‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign”

A security design flaw in Intel x86 chips may force users to sacrifice up to 33% of performance to mitigate the issue. More testing is required, and more info can be found with technical details […] Read More

lelogo
letsencrypt and SSL now forced on all site access

Huzzah! 🙂 That was a bit more of a pain than I thought, but letsencrypt SSL/TSL and cloudflare is now enforced site wide. Let me know via slack, twitter, linkedin, or email if anybody has […] Read More

Lastpass Logo
Password management sucks? Lasspass makes it suck far, far less.

Now that 2018 is in full swing, I decided it was way past time to do something about my horrible password management practices.  I try not to reuse passwords.  I try to use complicated strings.  […] Read More