Security Roundup - The Beginning
Interesting to note:
- They are penalizing ones that are issued after January 1st, as these were not supposed to be issued.
- Also plan to start penalizing if intermediate certificates are still use SHA1.
- Potential to treat them all as untrusted as early as July 1st, 2016
Kicked off yesterday, and has some interesting sounding sessions, including several talks about TLS.
Want Access To A Physical Linux Machine? Press Backspace 28 Times
GRUB2 Authentication Bug that was in the wild from December 2009
Interesting article on knee-jerk attribution of hacks.
The apologetic cry of breached companies everywhere.