Remember Jones from Police Academy? Here he is telling about his rental truck. Absolutely hilarious.
Remember Jones from Police Academy? Here he is telling about his rental truck. Absolutely hilarious.
Nearing the end of week 2 of my Half Marathon training plan, and this week we start doing regular long-distance runs on both weekend days. Saturday is 14K and Sunday is 16K. I am going to really ache on Monday. ^_^
I’ve got my name into the Royal Parks HM ballot. Now the wait is on to see whether I get space on the race or not.
A few miskeys, but considering they’re using their feet, this is a near-perfect rendition of Toccata & Fugue
Some software bugs are infinitely subtle and complicated. Others are comprehensible almost at a glance to anyone who dabbled in BASIC as a kid. The iOS 7 bug is in the latter group.
Did you see it? This function is called when a iPhone connects to an encrypted site over SSL: it’s meant to verify that the encryption key is being vouched for — digitally signed — by the operator of the website.
But notice the two “goto fail” lines, one after the other. The first one belongs there. The second is a typo. That extra, duplicative line diverts the program’s execution, like a bypass stent, right past a critical authentication check. The part where the digital signature is actually checked is dead code, never reached.
Behind iPhone’s Critical Security Bug, a Single Bad ‘Goto’ | Threat Level | Wired.com.
Why Apple’s Recent Security Flaw Is So Scary.
On Friday, Apple quietly released iOS 7.0.6, explaining in a brief release note that it fixed a bug in which “an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS.” That’s the understated version. Another way to put it? Update your iPhoneright now.
Oh, and by the way,OS X has the same issues—except there’s no fix out yet.
In simple terms, someone can intercept traffic between you and the site your accessing, and pull of a “Man in the Middle” attack:
I could make all manner of snarky comments on this, but I won’t.
You must be logged in to post a comment.