InfoSec Links April 9, 2014

Microsoft: Let's be clear, WE won't read your email - but the cops will - Lain Thomson - The Register

Note to self: don't use Hotmail to distribute pirated copies of Windows 8.

The Heartbleed Bug, explained - Timothy B. Lee - Vox

I good explanation of the OpenSSL bug that has rocked the infosec world the past couple days. This is a pretty serious bug that puts millions of sites at risk and potentially your information such as passwords. Unfortunately, there's really nothing you can do about it except hope that the sites you have accounts on apply the patch that fixes the bug ASAP. Most big sites have probably already done it.

Xbox password flaw exposed by five-year-old boy - BBC

Five-year-old wants to get into his dads Xbox account. What does he do? Find a vulnerability in Microsoft's Xbox Live, thus starting his illustrious hacking career. It's not the least bit surprising that his dad works in security.

This post first appeared on Exploring Information Security.

InfoSec Links April 5, 2014

Fandango, Credit Karma settle with FTC over app security flaws - by Kate Tummarello - The Hill

If you build an insecure app the FTC is going to come after you. Hopefully, this will make developers start taking security into consideration when build apps. Especially, when it deals with some form of currency.

Web TV service Boxee.tv Hacked, Details of 158,000 Forum Users Leaked - By Eduard Kovacs - Softpedia

If you have a Boxee.tv account you might want to go change your password. And this is just another example of why you want to have different passwords for different accounts. If you need help with managing your password might I suggest Password Safe (look for a post in the future).

Big Brother Goes Dutch - by Lee Munson - Security Watch

The Dutch have voted fore more surveillance. /facepalm

 This post first appeared on Exploring Information Security.