So another digital certificate fiasco, once again involving China from CNNIC (no surprise there) – this time via Egypt. Google is going to remove all CNNIC and EV CAs from their products, probably with the next version of Chrome that gets pushed out. As of yet, no action has been taken by Firefox – or […]
Rowhammer – DDR3 Exploit – What You Need To Know
So the big news this week was the release of details of a very clever hardware attack posted by Google’s Project Zero security initiative called Rowhammer. The impressive part is this is a hardware/manufacturing bug that has elevated to a software based attack. In simple terms Rowhammer is an attack that exploits physical weaknesses in […]
Google Expands Pwnium Year Round With Infinite Bounty
There are various bug bounty programs, with Google being one of the forerunners in the field – Twitter was late to the party just joining in September 2014. The latest development is that Google is stopping the annual Pwnium hack fest aimed at the Chromium project to stop bug hoarding, which makes Pwnium essentially a […]
Google’s Chrome Apps – Are They Worth The Risk?
So there’s been a bit of debate lately about Google’s Chrome apps after the launch, most of you have probably heard of Chrome OS a while back with a few Chromebooks popping up here and there. Chrome Apps are the next generation of browser apps that can be run offline and eventually will be cross […]
Sprint Adds Google Wallet Into New NFC Capable Phones
Oh look, another aspect of security and privacy to consider as Google pushes its’ mobile payment solution ‘Wallet’ onto two new NFC capable phones – the Galaxy Nexus & LG Viper. If you haven’t heard of the service you can find out more here – Google Wallet (Wikipedia). The main concern here (security wise) is […]