Million Miles Away From Hacker’s Home

wpid-wp-1413765967231.jpeg

When there is a will, there has to be a way of improving our extremely compromised cyber security. Even if you do not have or do not want to pay money for cyber security services, you can always compensate. Just ask United Airlines, because they certainly have a lot to tell you all about it.

For what is worth, the busy little bees in the United Airlines have launched a genuine bug bounty program. So, what is so special about it? Well, if you knock them off their feet, your reward is not going to be a financial one. Surprised?

How about a one million miles of free flights reward, for a change? The United Airlines has decided that it is worth of every mile. What for? Well, thanks to the cyber bug bounty hunters, their website is bulletproof, when it comes to potential hacker’s attacks.

That is not all. One of the biggest worries for every airline company is a serious threat of a cyber hijack of a plane. In this worst case scenario, no price is too high to pay for a proper safety measure. Our hats off to this brilliant move. We should follow United Airlines’ example.

300 MSpartans

image

Grandpa Microsoft is in the Windows 10 mood. There are no exaggerations, when it comes to Windows 10 promotion. Yet, we are not particularly impressed with this Star-Wars-laser-logo-wallpaper-thing-whatever. There is something else that has caught our attention.

Did you know that Grandpa Microsoft was able to fix 300 bugs with its second  Windows 10 Insider Preview build? Two days and 300 bugs. How about that for a change? So, when there is a will, all of a sudden jumps a way. This is something we should remember. No more excuses, that is for sure.

Would not that be a sight to see this unparalleled bugs-fix-efficiency on a daily basis? What do we need to do? Is the only way to pump out with a new OS, in order to fix all the bugs? This is unbelievable. It feels almost like an election year. Grandpa Microsoft is willing to do anything and everything.

If you can fix 300 bugs in 2 days, then imagine what you can do in 2 months or 2 years. You can literally fix all the bugs in the world, and the entire cyber history. This is a bad news definitely. So, it is entirely up to us. But, we do not want to do it. Until the next Windows, be safe.

Google Bug Whistleblower

image

What is happening with Google? It seems that they just cannot have enough of their a finger in the eye policy. What are we talking about? Well, the busy little bees in Google identify a bug in their competitor’s system. The worse it gets, the better it works for Google security experts. What is the next move?

They wait for 90 days and then they go public with their findings. This is exactly what happened with Microsoft. It was definitely a painful thing for someone to publish a detailed explanationnabout a bug in your system. This MS bug allows hackers to pay an unwanted visit to your Windows 8 at any given moment.

Now, Apple is in a similar situation. There is a similar bug in the OS. We also had the 90-day waiting period. The word about this bug is out. Just like with the Microsoft, in the previous case, Apple itself cannot do much about it. Actually, there is one thing to be done in this situation, which makes sense.

You have to come up with the appropriate security patch, haven’t you? That is the trouble. This is not something you can do in a blink of an eye. While you are waiting the users are trembling, and the competitors are celebrating. You can rest assured that your damage report at the end of the day is going to be a huge one.

Skype + Android + Bug = ?

image

Do you know the solution to this question? A spy trouble. This is what you get as a result, when you combine these three elements. Why? Well, there is this annoying and potentially dangerous bug, which allows the unwanted guests to spy on your conversations and messages. Only on Android devices.

For the time being there is only one efficient solution available. You have to log out as soon as you are done with your Skupe communication. Unfortunately, this is not an extremely practical thing to do, is it? If Skype cannot be on all the time on your smartphone, then what is the use, in the first place?

For what is worth, Microsoft is fully aware of this problem. While we are writing this, its development teams are already on it, fixing it. The trouble with the curve in this story is actually a simple one. You cannot never be safe, enough. Which brings us to one of our most used sayings in the field of cyber security.

If you have nothing to hide, then you have nothing to worry about. Right? At least this is what the NSA has to say to you. Nothing more. Nothing less. However, this is a weak comfort for the millions of Skype users, who are sharing their most intimate thoughts through it. You have a Skype call? Are you going to answer it, or what?

Forshaw’s Patch

image

There is a busy little cyber bee, who works in Google. One day, we are not quite sure if he was curious or bored, this bee has discovered a serious security flaw in Windows 8.1. This guy works and publish under a nickname Forshaw. So, are you eager to know what went wrong with Windows 8.1?

Apparently, there is a way for you to gain administrator’s privileges, and all of that completely undetected. What can you do with them? Well, it comes without saying that in this case sky is the limit. Literally. Forshaw has done both necessary things in this unfortunate and embarrassing situation.

On the side, he has informed Microsoft directly about his findings. On the other side, he has published his conclusions supported with the proper evidence. So far, Microsoft has been silent on this one. Nevertheless, it is only a matter of time before the new patch hits our cyber shores with a solution.

For what is worth, Microsoft itself has some other troubles on its mind. What is going to happen with the new Windows 10 and how successful it is going to be? This is undoubtedly the mother of all questions for Microsoft at this moment. We sure hope that this bug will not wish to move to the new OS version.

The Heartbleed Still Bleeds

2177_imela_7

Just when you thought that we are done with the Heartbleed threat, there is some bad news to spoil the mood. As you remember, this was the most serious OpenSSL vulnerability, we have ever seen. The funny thing about it, though, is that we had 600,000 servers potentially jeopardized at the beginning of this unusual crisis. What is the situation right now?

Well, for what is worth, two months after the bug was discovered, we still have more than 300,000 servers left with no appropriate protection. Two months we had to deal with this trouble. And what have we done? We only cut it in half. This is a fantastic example, how we treat our security seriously. We are being ironic on this one. We hope that is obvious.

The trouble with the curve in this matter is that the knowledge about the potential security threat is not enough to eliminate it quickly and efficiently. How much more time do we need to eliminate the Heartbleed completely? Two more months, or maybe two more years? Yes, our dear friends, this is the reality we are living in.

The Heartbleed still bleeds, and there is nothing we can do about it. Can we? It seems that the pressure was not strong enough to make IT security experts do something seriously and quickly about it. Or, maybe we are exaggerating. Maybe, it is too much to ask while demanding to clean 600,000 servers in 6 weeks. Either way, we lose, for sure.