Re: [PLUG] news

Michael Lazin via plug on 10 Aug 2020 12:58:26 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] news

From: Michael Lazin via plug <plug@lists.phillylinux.org>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] news
Date: Mon, 10 Aug 2020 15:58:08 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=Zh3hYR1t2mkK23V8v/GoC89Z0JmrcTO5dybHUsI4W8g=; b=uYur+AUe6x5fDreWugFYUO+Urzv/5oVWkKbSGerlMlBE5+I4izNoMOFK2X3nPHCEo4 X6s2vKTE1Vhns798bBUN6d61O4Y4aXJ1NTB5Wc731/GCPabg9dZdiTxNeuraEbcjQy1d 9OybcQn/3FKnG6S3111nbQqB7EEBphgI3EW0fVtdvbjRExyw/XoVovN4/H6/sxiywIPV cphbs3jVTzMUdr+EpiTE0qAy/1dqjbpZdfJTJJsxlLrfC0FecOilgM8QlyjulJA8znJ6 1Je0ApqaWUkbpuxqgSlDZ4joCSVsvCd3zSAf0seAE3ufF9EEUZn8HyXM4v78q8YX3Cxk DqxQ==
Reply-to: Michael Lazin <microlaser@gmail.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

I think the interesting point about the HTTP smuggling article that you reference is it still works. Google rankings are negatively impacted if you don't have an SSL certificate, and we have plugins like HTTPS everywhere, which force HTTPS on the client-side, and yet still HTTP persists despite it not being secure. There was a time when purchasing a certificate was cost-prohibitive, but many web hosts now include a cert with hosting and there are free SSL cert providers. I think this is a sign that providers should start forcing https connections on the server-side. I know this is controversial because you want the maximum amount of people to view your website, and you don't want to lock out people with old hardware/software. Still, maybe it would be wise for the Internet community to start doing this for security reasons and not just google rankings.

Michael Lazin

to gar auto estin noein te kai ennai

On Mon, Aug 10, 2020 at 10:44 AM jeff via plug <plug@lists.phillylinux.org> wrote:

Top 10 terminal shortcuts
https://www.redhat.com/sysadmin/top-10-shortcuts

Google confirms in-house scheduler open-sourced into Linux
https://www.theregister.com/2020/08/10/google_scheduling_code_reaches_linux/

Linus T: So I didn't really expect this, but 5.8 looks to be one of our
biggest releases of all time.
https://lore.kernel.org/lkml/CAHk-=whfuea587g8rh2DeLFFGYxiVuh-bzq22osJwz3q4SOfmA@mail.gmail.com/

Researcher Discovers New HTTP Request Smuggling Attack Variants
https://www.securityweek.com/researcher-discovers-new-http-request-smuggling-attack-variants

Snapdragon chip flaws put >1 billion Android phones at risk of data theft
https://arstechnica.com/information-technology/2020/08/snapdragon-chip-flaws-put-1-billion-android-phones-at-risk-of-data-theft/#p3

meh - what's 400 vulns between friends?

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] news
  - From: brent timothy saner via plug <plug@lists.phillylinux.org>

References:
- [PLUG] news
  - From: jeff via plug <plug@lists.phillylinux.org>

Prev by Date: [PLUG] [plug-announce] Tue Aug 11 - PLUG North - "General Discussion" (7pm online)
Next by Date: Re: [PLUG] news
Previous by thread: [PLUG] news
Next by thread: Re: [PLUG] news
Index(es):
- Date
- Thread