Seen on the street in Kyiv.

Words of Advice:

"If Something Seems To Be Too Good To Be True, It's Best To Shoot It, Just In Case." -- Fiona Glenanne

“The Mob takes the Fifth. If you’re innocent, why are you taking the Fifth Amendment?” -- The TOFF *

"Foreign Relations Boil Down to Two Things: Talking With People or Killing Them." -- Unknown

“Speed is a poor substitute for accuracy.” -- Real, no-shit, fortune from a fortune cookie

"Thou Shalt Get Sidetracked by Bullshit, Every Goddamned Time." -- The Ghoul

"If you believe that you are talking to G-d, you can justify anything.” — my Dad

"Colt .45s; putting bad guys in the ground since 1873." -- Unknown

"Stay Strapped or Get Clapped." -- probably not Mr. Rogers

"The Dildo of Karma rarely comes lubed." -- Unknown

"Eck!" -- George the Cat

* "TOFF" = Treasonous Orange Fat Fuck,
"FOFF" = Felonious Old Fat Fuck,
"COFF" = Convicted Old Felonious Fool,
A/K/A Commandante (or Cadet) Bone Spurs,
A/K/A El Caudillo de Mar-a-Lago, A/K/A the Asset,
A/K/A P01135809, A/K/A Dementia Donnie, A/K/A Felon^34,
A/K/A Dolt-45, A/K/A Don Snoreleone

Wednesday, January 15, 2020

Update Windows 10 Today

Microsoft released a patch for Windows 10 and Server 2016 today after the National Security Agency found and disclosed a serious vulnerability. It's a rare but not unprecedented tip-off, one that underscores the flaw's severity—and maybe hints at new priorities for the NSA.

The bug is in Windows' mechanism for confirming the legitimacy of software or establishing secure web connections. If the verification check itself isn't trustworthy, attackers can exploit that fact to remotely distribute malware or intercept sensitive data.

"[We are] recommending that network owners expedite implementation of the patch immediately as we will also be doing," Anne Neuberger, head of the NSA's Cybersecurity Directorate, said on a call with reporters on Tuesday. "When we identified a broad cryptographic vulnerability like this we quickly turned to work with the company to ensure that they could mitigate it."

The flaw is specifically in Microsoft's CryptoAPI service, which helps developers cryptographically "sign" software and data or generate digital certificates used in authentication—all to prove trustworthiness and validity when Windows checks for it on users' devices. An attacker could potentially exploit the bug to undermine crucial protections, and ultimately take control of victim devices.
That's a good thing that the NSA found a severe flaw and then alerted Microsoft so they could patch it.

Which leads to wondering what flaws exist that the NSA would rather exploit than help fix.

Anyhoo, if you're running a Windows 10 computer, you need to run Windows Update as soon as you can.

2 comments:

dinthebeast said...

Got mine last night, thank you.

-Doug in Oakland

Tod Germanica said...

Get ubuntu or linux Mint. So smooth, so creamy. Applications and updates and operating system always free-free as in speech and free as in beer. Does not phone home to any TLA (telemetry, spyware) as Win does. Inherent security both by design and by obscurity. Works well as a virtual OS inside Win. Dump MS.