Page 3 of 5

Re: Vulnerabilities

Posted: Mon Oct 16, 2017 10:58 pm
by Glamdring
loughor wrote:
Fri Jun 23, 2017 1:52 pm
There isn't a Win10 thread but this is loosely associated with the post subject.

https://www.theregister.co.uk/2017/06/0 ... complaint/

It seems MS is blocking renewal reminders (except through MS' Action Center [sic]) and is asking people "do you want to run this program?" and suggesting Kaspersky is not safe, whereas Defender is (the claim). You just know some people will panic. There is a better article in Computer Act!ve mag and that link is just one of many from a search.

Way to make 10 and the Windows ecosystem secure, MS.
Kapersky is not secure. They apparently allow the Russian govermint to access their data.

Re: Vulnerabilities

Posted: Mon Oct 16, 2017 11:18 pm
by Wooster
Glamdring wrote:
Mon Oct 16, 2017 10:56 pm
Proof of concept, and it includes IO so I'd better not turn on my iPad.
They need to set up a Rogue AP and you need to connect to it, to initiate the Man in the Middle Attack.
You will still be secure however, if you make sure that you are only logging into and accessing HTTPS sites.

If you log onto a WLAN and find that the sites you see are HTTP only, then alarm bells should start ringing.

Re: Vulnerabilities

Posted: Tue Oct 17, 2017 12:45 am
by richietog
What's the point of all the lovely tech stuff when they are not secured?

I feel like binning every tech thing I have, really fed up to be honest

Re: Vulnerabilities

Posted: Tue Oct 17, 2017 10:27 am
by Glamdring
Isn't it complacency on the part of the original developers? Not keeping up with what the hackers are up to?

Re: Vulnerabilities

Posted: Tue Oct 17, 2017 5:49 pm
by Wooster
These standards are a collaborative effort among many groups and individuals (anyone can chip in if they have a valid point) and can take years of development.
This security protocol was agreed thirteen years ago, and that's not a bad run tbh. 8-)

Look up IEEE and 802.11i

Re: Vulnerabilities

Posted: Tue Oct 17, 2017 11:10 pm
by richietog
Must of the vulnerabilities are down to mainly software/firmware issue

Re: Vulnerabilities

Posted: Wed Nov 22, 2017 12:22 pm
by loughor
This WPA2 Security (KRACKs) Vulnerability thing. I just looked into my TP-Link router's risk factor and it seems it has not been put on the vulnerable list.
http://uk.tp-link.com/faq-1970.html
Which means phew (probably). What with my iOS being at 11.1 or later, they are sorted too.

Re: Vulnerabilities

Posted: Wed Jan 03, 2018 11:05 am
by loughor
Quote:
A major bug in Intel’s processors can’t be fixed via a firmware update, and will require an operating system patch across Windows, Linux and macOS platforms – and the bad news is that this software patch could slow down PCs potentially by up to 30%.

http://www.techradar.com/news/patch-for ... wn-your-pc

https://www.theregister.co.uk/2018/01/0 ... sign_flaw/

30% reduction of performance would pee me off somewhat. Of course, the quote is qualified with the scaremongering journalistic shock horror word "could", so time will tell.

Re: Vulnerabilities

Posted: Thu Jan 04, 2018 7:43 pm
by richietog
I think Intel/Amd should replace the cpu for free in that case

One thing I don't get is that there are rumours that it doesn't affect gaming rigs, which is kind of weird, because I'm sure that the cpu cannot tell the difference between gaming rigs and just workstations or servers

Re: Vulnerabilities

Posted: Sun Jan 07, 2018 12:37 am
by [PCF]Falcs
I read an article where someone had downloaded the patch and the slow down was totally negible for most pc's the 30% was probably for really old pc's

Re: Vulnerabilities

Posted: Mon Jan 08, 2018 1:04 am
by richietog
[PCF]Falcs wrote:
Sun Jan 07, 2018 12:37 am
I read an article where someone had downloaded the patch and the slow down was totally negible for most pc's the 30% was probably for really old pc's
The older the CPU, the more it will slow down. The newer the CPU, it will be near 5% slower I read also somewhere

Re: Vulnerabilities

Posted: Mon Jan 08, 2018 10:20 am
by Wooster
Then it might be better to skip the patch and put faith in a decent AV catching anything trying to take advantage of the exploit.

Re: Vulnerabilities

Posted: Mon Jan 08, 2018 8:30 pm
by loughor
Updates are now available for mac OS and iOS for those who are worried about vulnerabilities. Not that there won't be something else sometime.

Re: Vulnerabilities

Posted: Thu Jan 18, 2018 7:12 pm
by richietog
Why do we bother with things like smartphones when they are riddled with bugs
http://www.independent.co.uk/life-style ... 65486.html

And Apples main marketing campaign is to say that their devices are virus free

Re: Vulnerabilities

Posted: Wed Feb 07, 2018 7:14 pm
by Splinter
I wouldn't believe anything from The Independent, frankly.