Skip to content

Month: September 2017

Linus Torvalds Invites Attackers to Join the Ke… » Linux Magazine

Torvalds is not a huge fan of the ‘security community’ as he doesn’t see it as black and white. He maintains that bugs are part of the software development process and they cannot be avoided, no matter how hard you try. “constant absolute security does not exist, even if we do a perfect job,” said Torvalds in a conversation with Jim Zemlin, the executive director of the Linux Foundation. “As a technical person, I’m always very impressed by some of the people who are attacking our code,” Torvalds said. “I… Read more Linus Torvalds Invites Attackers to Join the Ke… » Linux Magazine

Apache bug leaks contents of server memory for all to see—Patch now | Ars Technica

Another vulnerability hits the news. Whilst similar to heartbleed in leaking memory contents, it does not seem to be too risky if you’re running it as a single user, and the memory leak isn’t huge quantities. Saying that, this vulnerability also may also affect cloud systems. For example, on AWS, (which has httpd), doing a version check: $ httpd -v Server version: Apache/2.4.27 (Amazon) Server built: Aug 2 2017 18:02:45 However, without knowing how Amazon have setup Apache behind the scenes, are we able to say definitely that we are/aren’t… Read more Apache bug leaks contents of server memory for all to see—Patch now | Ars Technica