(OLD) (ARCHIVED) Puppy Linux Discussion Forum Forum Index (OLD) (ARCHIVED) Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info

This forum can also be accessed as http://oldforum.puppylinux.com
It is now read-only and serves only as archives.

Please register over the NEW forum
https://forum.puppylinux.com
and continue your work there. Thank you.

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups    
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 04 Dec 2020, 01:46
All times are UTC - 4
 Forum index » Off-Topic Area » Security
CurveBall vunerability
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Fri 14 Feb 2020, 01:23    Post subject:  CurveBall vunerability
Subject description: Google Chrome too
 

The Cryptographic API in Windows 10 is vunerable to spoofing and other naughty stuff. This is not good, as the WHOLE cryptograhic function is compromized. In particular the Edge Browser, as it faces the Wide Area Network (Outsude World).

And while this is puppy, and we don't need no stinking windows or its edge browser... quite a few people here use the Chrome Browser that is also vunerable.

And even in the write-up the Chrome aspect of the vector attack is to put it mildly in fine print.

So the Chrome Browser needs a check-up from the neck-up.

Regards
8Geee

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
perdido


Joined: 09 Dec 2013
Posts: 1601
Location: ¿Altair IV , Just north of Eeyore Junction.?

PostPosted: Sat 15 Feb 2020, 07:40    Post subject:  

Thanks 8Geee

Reported by our friends at the NSA, no doubt after they wore it out.
CVE-2020-0601
Found this page that offers a test.
http://testcve.kudelskisecurity.com/
Link to page was posted here
The only halfway safe way to wander the interweb is with all scripting and redirecting disabled, all cookies disabled.
Only approve what you need in order to view the site you are at.
896a23a9.jpg
 Description   
 Filesize   33.4 KB
 Viewed   174 Time(s)

896a23a9.jpg

Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Sun 16 Feb 2020, 13:55    Post subject:  

When I last checked, Qualys Client Check also has it.

AtomicPup-2020... clicking on the button DOES NOT WORK. The script never runs!

Regards
8Geee

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 3.8380s ][ Queries: 13 (3.7938s) ][ GZIP on ]