-
22 votes
-
On the XZ Utils backdoor (CVE-2024-3094): FOSS delivered on its pitfalls and strengths
27 votes -
The not-so-silent type. Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.
9 votes -
US medical providers still grappling with UnitedHealth cyberattack
9 votes -
Help me ditch Chrome's password manager!
I've been trying to reduce my reliance on all things Google, and one of the big ones is password management. I've tried several times to make the jump, but every time I start researching options...
I've been trying to reduce my reliance on all things Google, and one of the big ones is password management. I've tried several times to make the jump, but every time I start researching options I'm overwhelmed by the selection. There are a lot of popular options out there, and I really don't have the time/energy to endure a misstep. So without a clear idea of which manager will check all of my boxes, I end up bailing on the process and keep using chrome's built in option.
So to start, here's what I like about Chrome:
- Automatically offers to store passwords without extra clicks
- Autofills automatically where it can, and gives me an easy choice when it can't
- Works everywhere I need passwords. (basically everywhere I browse the internet since chrome works everywhere)
- Minimal overhead. This is hard to beat since Chrome just includes it, so I'm fine with a little extra setup if necessary.
I used to use keepass portable on a thumb drive (I want to say circa ~2009ish), but it became really inconvenient as my usage shifted more to mobile devices.
I see this as a first step to also reducing my reliance on Chrome so I can start to consider other browsers. Right now I feel locked in to Google's ecosystem, but I know I can break it up if I don't get too bogged down by choice. Much appreciate any help. :)
34 votes -
Bug in glibc's iconv() function allows for RCE in PHP servers by setting charset to ISO-2022-CN-EXT to trigger buffer overflow (CVE-2024-2961)
9 votes -
When provided with CVE descriptions of 15 different vulnerabilities and a set of tools useful for exploitation, GPT-4 was capable of autonomously exploiting 13 of which, yielding an 87% success rate
17 votes -
There used to be a people’s bank at the US Post Office
37 votes -
Riot’s Vanguard comes to League
19 votes -
Twitter replaces twitter.com with x.com without user consent. Bad implementation invites an influx of Phishing attacks. (german source)
48 votes -
Don’t set up wildcard DNS records for GitHub Pages
18 votes -
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576)
18 votes -
Sweden's public sector has ditched Big Tech in the name of privacy as a major telecom provider unveiled a new secure collaboration hub
14 votes -
Backdoor in upstream libxz targeting sshd
104 votes -
Kobold letters. Why HTML emails are a risk to your organization.
33 votes -
Lessons learned from the Google trade secret theft indictment
7 votes -
Finland's response to Russia's invasion of Ukraine has been to move away from policy of self-reliance and embrace the alliance
12 votes -
Fighting cookie theft using device bound sessions
14 votes -
Will the Apple antitrust case affect your phone’s security?
15 votes -
Ross Anderson, computer security expert, passed away
12 votes -
What happened when you visited a medieval inn?
11 votes -
Hackers found a way to open any of three million hotel keycard locks in seconds
42 votes -
The creeping politicization of the US Military
17 votes -
Hackers can read private AI-assistant chats even though they’re encrypted
20 votes -
‘We’re hemorrhaging money’: US health clinics try to stay open after unprecedented cyberattack
31 votes -
You can not simply publicly access private secure links, can you?
11 votes -
White House urges use of type safe and memory safe programming languages and hardware
38 votes -
White House to Developers: Using C or C++ Invites Cybersecurity Risks
5 votes -
Leak of documents on spyware developed by vendor for Chinese government
33 votes -
US House Intel Chairman announces ‘serious national security threat,’ sources say it is related to Russia's nuclear capabilities in space
30 votes -
Twitter/X provides premium perks to Hezbollah, other US-sanctioned groups
18 votes -
What Is A Secure Note-Taking App?
I've been using Google's Keep Notes for all my note-taking, but I would like to shift away from that and use an app that is more secure. I've heard of Notion and Evernote but I'm not sure about...
I've been using Google's Keep Notes for all my note-taking, but I would like to shift away from that and use an app that is more secure. I've heard of Notion and Evernote but I'm not sure about their level of security/encryption. Any suggestions?
20 votes -
A 2024 plea for lean software
36 votes -
The extraordinary world of fake cities, and simulated urban environments
3 votes -
MIT PhD student hacks Apple Vision Pro days after release, reveals potential jailbreaks and malware threats
19 votes -
What are people's thoughts on "secureblue", "bazzite" and other ublue images?
7 votes -
Your security program is shit
63 votes -
ChatGPT is leaking passwords from private conversations of its users, Ars reader says
17 votes -
In major gaffe, hacked Microsoft test account was assigned admin privileges
28 votes -
Twenty-six billion records exposed in massive leak, including data from Linkedin, X, Dropbox
44 votes -
How nuclear weapons and nuclear materials are transported
7 votes -
Hackers can infect network-connected wrenches to install ransomware, researchers say
28 votes -
Inside the world's highest tech prison - HMP Fosse Way
12 votes -
4-year campaign backdoored iPhones using possibly the most advanced exploit ever
43 votes -
EU Cyber Resilience Act: What does it mean for open source?
13 votes -
All cops are broadcasting. TETRA unlocked after decades in the shadows.
26 votes -
India targets Apple over its phone hacking notifications
19 votes -
Ten years later, new clues in the Target breach
24 votes -
How to lose a library [British Library cyber attacks]
10 votes -
Finland's government has cited security concerns for the closure of all border crossings with Russia – Russian-speaking Finns say their rights are being violated
24 votes