Posts

Showing posts from October, 2014

Massive Critical Security Patch Released by Oracle Impacting Most Versions of MySQL

Oracle has released a Critical Security Patch for a long list of Oracle products. For MySQL specifically, the patch purports to resolve a multitude of vulnerabilities that allow remote execution without authentication, and impact nearly all versions of the database software. Oracle provided the following Risk Matrix to their MySQL customers, which outlines the CVE numbers of stated vulnerabilities, the component used by the vulnerability and a number of other details. I've included a copy of that Matrix for readers to review below. As the reader can clearly see, the risk for unpatched MySQL users is huge. A total of 154 vulnerabilities are addressed with this update. Some of these vulnerabilities reach a forehead-slapping CVSS score of 9.0 (just one point beneath the score for the recent Shellshock bash vulnerability). 24 of the patches are for MySQL. I highly advise anyone using MySQL or any Oracle product, including Java, to update their software immediately.

Rep. Joe Garcia (D-FL) Picking His Earwax and Eating It

Words fail me.

Coincidence? Perhaps Not.

Observe, if you will, the following clear cut photographic evidence that something is amiss in Washington. Henry Waxman. Powerful Congressman, member of the House of Representatives. Former Chair of the Energy and Commerce Subcommittee on Health and the Environment. Chairman of the House Energy and Commerce Committee. Rumored to snort cocaine without the aid of a straw or similar apparatus. Claims the ability to "smell fear". Edward Tattsyrup. Star of BBC television documentary "League of Gentlemen". Owner of Royston Vasey's Local Shop. Brother and husband of Tulip "Tubbs" Tattsyrup. Committed to the interests of both his Local Shop and the Local People of Royston Vasey. The genetic link between these two individuals is clear. Have Royston Vasey politics leapt across the pond? Royston Vasey is a Local Shop for Local People - there is nothing for Americans, there. How have the Tattsyrup's bizarre opinions regarding transp

Kids These Days

I don't get them.

Why is the Washington Post Publishing Pro-Surveillance Propaganda? Can Government Surveillance Revelations Decrease Encryption Adoption?

For the last few days I've had great fun watching James Comey and his pack of Keystone Cyber Cops failing to convince the world that they should be CC'd on everyone's calls, tweets and texts and generally exposing himself as the incompetent, braying ass that he is. Keep in mind the camera adds 10 pounds. Dan Froomkin and Natasha Vargas-Cooper over at The Intercept exposed each of the examples that Comey used to indicate the necessity for breaking cell phone encryption as fabricated - the cases were real, but none of them relied on cell phones or computers to obtain a conviction. In one case of infanticide, the parents who were eventually found guilty had been previously convicted of child cruelty and had the deceased child previously taken from their custody for neglect. Not only did the state not need to read the parents' phones for evidence, if they had read their own files and demonstrated some inter-agency cooperation they could very likely have prevent