Thursday, September 18th, 2014

Time	Event
1:28p	Thursday's security advisories Debian has updated icedove (two vulnerabilities) and libav (multiple unspecified vulnerabilities). openSUSE has updated curl (13.1, 12.3: two cookie-handling vulnerabilities). Oracle has updated automake (OL5: code execution from 2012), bind97 (OL5: three vulnerabilities, two from 2013), conga (OL5: multiple vulnerabilities some going back to 2012), krb5 (OL5: code execution), krb5 (OL5: multiple vulnerabilities, two from 2013), and nss, nspr (multiple vulnerabilities, one from 2013). SUSE has updated squid3 (SLE11SP3: denial of service). (Comment on this)
5:07p	Simply Secure announces itself A new organization to "make security easy and fun" has announced itself in a blog post entitled "Why Hello, World!". Simply Secure is targeting the usability of security solutions: "If privacy and security aren’t easy and intuitive, they don’t work. Usability is key." The organization was started by Google and Dropbox; it also has the Open Technology Fund as one of its partners. "To build trust and ensure quality outcomes, one core component of our work will be public audits of interfaces and code. This will help validate the security and usability claims of the efforts we support. More generally, we aim to take a page from the open-source community and make as much of our work transparent and widely-accessible as possible. This means that as we get into the nitty-gritty of learning how to build collaborations around usably secure software, we will share our developing methodologies and expertise publicly. Over time, this will build a body of community resources that will allow all projects in this space to become more usable and more secure." (Comment on this)

<< Previous Day

2014/09/18 [Calendar]

Next Day >>