Michael Lazin via plug on 10 Aug 2020 12:58:26 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] news


I think the interesting point about the HTTP smuggling article that you reference is it still works.  Google rankings are negatively impacted if you don't have an SSL certificate, and we have plugins like HTTPS everywhere, which force HTTPS on the client-side, and yet still HTTP persists despite it not being secure.  There was a time when purchasing a certificate was cost-prohibitive, but many web hosts now include a cert with hosting and there are free SSL cert providers.  I think this is a sign that providers should start forcing https connections on the server-side.  I know this is controversial because you want the maximum amount of people to view your website, and you don't want to lock out people with old hardware/software. Still, maybe it would be wise for the Internet community to start doing this for security reasons and not just google rankings. 

Michael Lazin

to gar auto estin noein te kai ennai


On Mon, Aug 10, 2020 at 10:44 AM jeff via plug <plug@lists.phillylinux.org> wrote:
Top 10 terminal shortcuts
https://www.redhat.com/sysadmin/top-10-shortcuts


Google confirms in-house scheduler open-sourced into Linux
https://www.theregister.com/2020/08/10/google_scheduling_code_reaches_linux/


Linus T: So I didn't really expect this, but 5.8 looks to be one of our
biggest releases of all time.
https://lore.kernel.org/lkml/CAHk-=whfuea587g8rh2DeLFFGYxiVuh-bzq22osJwz3q4SOfmA@mail.gmail.com/


Researcher Discovers New HTTP Request Smuggling Attack Variants
https://www.securityweek.com/researcher-discovers-new-http-request-smuggling-attack-variants


Snapdragon chip flaws put >1 billion Android phones at risk of data theft
https://arstechnica.com/information-technology/2020/08/snapdragon-chip-flaws-put-1-billion-android-phones-at-risk-of-data-theft/#p3

meh - what's 400 vulns between friends?

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug