1w6 uRPG 1w6 uRPG
  • Anmelden

  • Öffentlich

    • Öffentlich
    • Gruppen
    • Beliebt
    • Verzeichnis

https://sn.1w6.org/file/dethos-20180303T235927-46tqqbu.html

https://sn.1w6.org/file/dethos-20180303T235927-46tqqbu.html

Not sure what is more shocking:

A CA having 23k private keys of their customer's certs and the CEO emailing them: http://blog.koehntopp.info/index.php/3075-how-not-to-run-a-ca/

A CA having a website which allows RCE as root, from a website input: https://arstechnica.com/information-technology/2018/03/trustico-website-goes-dark-after-someone-drops-critical-flaw-on-twitter/

I'm just speechless.

#security #infosec #netsec

Nachrichten, in denen dieser Anhang erscheint

  1. dethos dethos

    Not sure what is more shocking:A CA having 23k private keys of their customer's certs and the CEO emailing them: http://blog.koehntopp.info/index.php/3075-how-not-to-run-a-ca/A CA having a website which allows RCE as root, from a …

    Friday, 02-Mar-18 02:11:31 UTC
  • Hilfe
  • Über
  • FAQ
  • AGB
  • Privatsphäre
  • Quellcode
  • Version
  • Kontakt

1w6 uRPG ist ein Mikrobloggingdienst von Arne (Drak) Babenhauserheide. Es wird mit der Mikrobloggingsoftware StatusNet (Version 1.1.1-release) betrieben, die unter der GNU Affero General Public License erhältlich ist. The running version includes the patches from draketo.de/proj/statusnet-patches.

Creative Commons Attribution 3.0 Alle Inhalte und Daten von 1w6 uRPG sind unter der Creative Commons Attribution 3.0 Lizenz verfügbar.