Daily Archives: 2019-03-01

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAAA *segfault*

Source: The Register

Article note: Again? It's a classic "strcopy into a buffer fixed-bytes away from the return address" bug.

RV110W, RV130W, RV215W need patching to close remote hijacking bug

Cisco has patched three of its RV-series routers after Pen Test Partners (PTP) found them using hoary old C function strcpy insecurely in login authentication function. The programming blunder can be exploited to potentially hijack the devices.…

Posted in News | Leave a comment

Burning Digital Books and the Fight over Online Ideology

Source: Hacker News

Article note: It's not a great essay, but at least it does hit the "proximity and reach as the primary problems" point that I've been steadily more convinced of. The internet (and especially social media) means you are constantly confronted with your neighbors' ideas you find abhorrent, and you and your neighbor can both round up a global-scale mob who share your probably abhorrent to others ideas, and that's a recipe for disaster. I read Neal Stephenson's Diamond Age (published in 1995) recently, and while its most interesting thoughts (to me) are about education, it also has an _awful_ lot about the inherent difficulties of pluralistic society, especially in the face of delocalization. Tragically, it didn't have much in the way of good advice on solutions.
Posted in News | Leave a comment