...a repository for (mostly technical) notes on my work and interests.

Popular posts from this blog

Due minuti e mezzo per mezzanotte

Image
Venerdi scorso, 27 Gennaio 2017, il Bulletin of the Atomic Scientists ha annunciato lo spostamento in avanti di 30 secondi del Doomsday Clock . Mancano 2 minuti e mezzo per mezzanotte. Quella che segue è una traduzione del testo integrale . Bollettino  degli Scienziati  Atomici Mancano due minuti e mezzo per mezzanotte Comunicato dal Doomsday Clock * 2017 Comitato per la Scienza e Sicurezza Bollettino degli Scienziati Atomici Direttore Responsabile, John Mecklin (*) Doomsday Clock: un orologio metaforico che indica quanto la civiltà sia vicina ad una possibile fine del mondo, pubblicato  negli ultimi settant’anni  con il bollettino annuale degli Scienziati Atomici; tra i membri, quindici premi Nobel. IT IS TWO AND A HALF MINUTES TO MIDNIGHT© Premessa del direttore  Quest’anno segna il 70mo anniversario del Doomsday Clock , una rappresentazione grafica apparsa sulla prima copertina del Bollettino degli Scienziati At...
Read more

The majority of DHS subdomains vulnerable to Man in The Middle attacks

Image
On 17th september there were 18 .dhs.gov entries in badssl , 11 of which vulnerable to Man in The Middle attacks and 4 to Poodle (TLS ) attack; United States Government Accountability Office has meanwhile found other issues which are probably bigger(?) than that, as the $6B firewall which seems hitting an impressive 6% of the total vulnerabilities selected for review: More specifically, for the five client applications we reviewed (Adobe Acrobat, Flash, Internet Explorer, Java, and Microsoft office), the NCPS intrusion detection signatures provided some degree of coverage for approximately 6 percent of the total vulnerabilities selected for review. ...by the way, here are the (SSL/TLS) facts about DHS as of today:
Read more

SSLLabs SSL Test on 716 .gov https sites

Image
716 .gov https sites (thanks to @hackertarget dnsdumpster) 328 " F " (45,81%) 178 " A " (24,86%) (one IP address per subdomain unless multiple scores) 2016/03/02 18:12:18 a068-acswebsrv.nyc.gov 167.153.11.46: F 2016/03/02 18:12:29 ace.cbp.dhs.gov 216.81.83.93: F 2016/03/02 18:12:29 accela1.howardcountymd.gov 167.102.191.83: F 2016/03/02 18:12:35 1click.dhsoha.oregon.gov 170.104.63.76: A- 2016/03/02 18:12:38 adfs.txdot.gov 168.58.229.156: C 2016/03/02 18:12:42 adfg.alaska.gov 146.63.61.200: C 2016/03/02 18:12:52 aip.medi-cal.ca.gov 12.9.80.162: F 2016/03/02 18:13:02 ac.ninds.nih.gov 156.40.215.10: A 2016/03/02 18:13:06 adhimmreglive.arkansas.gov 170.94.17.67: A 2016/03/02 18:13:09 adherave.arkansas.gov 170.94.15.181: B 2016/03/02 18:13:24 alerts.rochestermn.gov 12.184.36.207: A 2016/03/02 18:13:24 airmobile.house.gov 143.228.131.184: F 2016/03/02 18:13:32 aoprals.state.gov 169.253.204.152: B 2016/03/02 18...
Read more