Search the Community
Showing results for tags 'security'.
Steve Gibson has produced another helpful tool along similar lines to Never10 .. InSpectre https://www.grc.com/inspectre.htm Its a neat and informative tool written in assembler so its small (same as all tools from Steve Gibson), only a week in development, but already looks like its just about done at release #5 .. At time of posting - Last Updated: Jan 18, 2018 at 13:14 Reference another topic on Meltdown and Spectre vulnerabilities, this tool will tell you if you are protected against these vulnerabilities or not A Computerworld Columnist reckons the tool is sending anti-virus software a bit nuts because it is new and unrecognised software .. If you’re not particularly interested in taking a graduate level course in Windows translation lookaside buffers and context switches, InSpectre can help. I’ve also just discovered a free Meltdown/Spectre checker from German software vendor Ashampoo. The results from their Spectre Meltdown CPU Checker match that from InSpectre on my machines. I continue to recommend that you hold off on this month’s patches – that includes Windows patches, .NET patches, firmware patches, and more – but you should disable Equation Editor if you’re in the habit of Enabling Edits on spurious Word documents. See my post from last week, but also note 0patch has just released a fix that specifically plugs the Equation Editor security holes. There are no known exploits for Meltdown or Spectre in the wild, although some are in development. (It’s feasible that nation states have been using either or both for decades!) For regular Windows users, the most likely infection vector, when it arrives, will be via a web browser, and those are getting patched quickly. Wait until the dust settles on this month’s patches before you install something that could clobber or cripple your machine. Share your InSpectre insights on the AskWoody Lounge. .. "They are all false positives" For development discussions, refer to Steve Gibsons Newgroups, News.Feedback Edit : And there is a Security Now! podcast dedicated to the subject https://twit.tv/shows/security-now/episodes/646?autostart=false (Scroll down a bit on that security now page too for the link to the show notes which has further helpful links). Edit 2 : NVidia Graphics drivers latest updates (390.65 +) have been adapted to also help prevent these vulnerabilities.
Adding to the things 2017 is bringing us, AFK Mods should now transmit entirely using encryption now. Since Google has seen fit ti bully sites into doing this via scary sounding warnings in both Chrome and via search engine penalization, I figured it was about time to just do it and get it over with. Fortunately Let's Encrypt allowed the process to be about as smooth as one could hope for. Everything under the afkmods.com domain now uses HTTPS. It may take some time before every last thing on the site is served this way but so far it seems the site caught up to most of it pretty quickly. I'm still working on the redirects to get them to force the issue of pushing the non-encrypted data over to the encrypted side. The automated script that should have done that obviously hasn't done it correctly but that's a minor thing I can probably fix over the weekend. It would be advisable to update all URLs in any documents you might have that point here to use HTTPS instead of HTTP.
Well, looks like one of the reasons to fear using Steam has come to pass. Take a read. Not cool Gabe, not cool at all that we had to find out this way. http://masterherald.com/steam-hit-by-major-security-breach-many-accounts-hacked/23239/