Latest Posts

(credit: Hanno Böck)

There’s a bug in the widely used Apache Web Server that causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other secrets, a freelance journalist has disclosed.

The vulnerability can be triggered by querying a server with what’s known as an OPTIONS request. Like the better known GET and POST requests, OPTIONS is a type of HTTP method that allows users to determine which HTTP requests are supported by the server. Normally, a server will respond with GET, POST, OPTIONS, and any other supported methods. Under certain conditions, however, responses from Apache Web Server include the data stored in computer memory. Patches are available here and here.

The best-known vulnerability to leak potentially serious server memory was the Heartbleed bug located in the widely used OpenSSL cryptography library. Within hours of Heartbleed’s disclosure in April 2014, attackers were exploiting it to obtain passwords belonging to users of Yahoo, Ars, and other sites. Heartbleed could also be exploited to bleed websites’ private encryption keys and to hack networks with multifactor authentication.

Read 3 remaining paragraphs | Comments

A drug denied to restaurant critic AA Gill on the NHS will now be made available to patients in England.

Boris Johnson’s claim the cabinet is in harmony over Brexit is among the front-page headlines.

SAN JUAN, Puerto Rico (Reuters) – Hurricane Maria, the second maximum-strength storm to hit the Caribbean this month, killed at least one person in Guadeloupe and bore down menacingly on the Virgin Islands and Puerto Rico on Tuesday after devastating the tiny island nation of Dominica.

Enlarge / Have you struggled to understand Steam review bomb incidents? Do these incredibly unclear line charts help at all? (credit: Valve Software)

Steam, the largest digital PC game storefront in the West, continues to struggle with user-contributed game reviews. Valve launched the feature in 2013, and since then, it has seen various updates to deal with issues such as false and gamed reviews.

But none of those updates were much comfort to the game Firewatch last week. Its Steam review page was swarmed with negative reviews after its developer Campo Santo denounced the hateful speech of game streamer PewDiePie and issued DMCA challenges to that streamer’s videos about Firewatch.

Maybe it’s a coincidence that Valve not only announced a new Steam user review feature on Tuesday but also tied it in a huge way to the issue of “review bombing.” Either way, Steam store pages now come with a lot more data in the form of “review histograms.” What are they? How will they affect reviews going forward? And most importantly, is that enough action to deal with a noticeable rise in irrelevant and poisonous use of Steam’s storefront?

Read 19 remaining paragraphs | Comments

UNITED NATIONS (Reuters) – French President Emmanuel Macron cast himself as the antithesis of Donald Trump at the United Nations on Tuesday, a position that could enable him to play the honest broker in international conflicts.

Rivalries in Orkney more than 4,500 years ago led to competition between communities, according to new research.

MEXICO CITY (Reuters) – A major earthquake of magnitude 7.1 struck central Mexico on Tuesday, killing at least 60 people in several states, toppling buildings in the heavily populated capital and forcing thousands of people into the streets in panic.