In association with heise online

    Top News

    Tizen with GNOME 3 shell shown by Intel

    Tizen logo The Tizen Developers Conference saw a glimpse of a desktop/laptop version of Tizen from Intel, the latest update to Tizen's SDK, and an application competition launched more »

    Top Feature

    The H Community Calendar - June 2013

    The H Community Calendar The H Community Calendar presents the coming month's events in various open source, development, Linux, Unix and other communities, from multi-day conferences to user group get-togethers more »

    Top Open News

    Chrome 28 Beta gets faster, brings fullscreen mode to Android

    Chrome beta logo Google has release Chrome 28 to the beta release channel. The new version brings faster page rendering and a number of new developer features like fullscreen mode and WebGL in the Android version more »

    Top Open Feature

    The H Community Calendar - June 2013

    The H Community Calendar The H Community Calendar presents the coming month's events in various open source, development, Linux, Unix and other communities, from multi-day conferences to user group get-togethers more »

    Top Security News

    Samsung Galaxy S4 already hacked

    Android phone icon Less than a month after the smartphone's commercial launch, Dan Rosenberg found a design flaw in Samsung's secured bootloader that allows arbitrary kernels to be booted even on a locked phone more »

    Top Security Feature

    Skype's ominous link checking: Facts and speculation

    Skype Listening In icon Our associate's discovery that URLs sent through Skype are then visited by Microsoft has caused quite a stir. A little more information has now emerged and leads to even more questions more »

    Top Developer News

    Google Code disables direct file downloads

    Google Code logo Google has announced that it will discontinue the ability for new projects on Google Code to host direct downloads of files. Existing downloads will continue to be available more »

    Top Developer Feature

    Continuous database migration with Liquibase and Flyway

    Continuous database migration with Liquibase and Flyway An application's version-controlled source code is stored in the repository. Why not that of the database? To reproduce arbitrary database states in development, test or production environments, two powerful Java libraries are at hand that can be seamlessly integrated into a build for an agile Continuous Delivery more »

    Security news and features

    News & Features

    Friday, 24 May 2013

    Google to replace SSL certificates

    Certificate art Starting in August, Google will issue new certificates for its services. The company especially plans to scrap certificates with old 1024-bit RSA keys and replace them with 2048-bit ones more »

    Lost+Found: SSH key primer, Wireshark, toxic SSL certificates

    Lost+Found icon On The H's radar over the last seven days: how to store and protect SSH keys, Wireshark 1.8.7 and 1.6.15, game engine vulnerabilities, Volatility plugins, irrevocable SSL certificates, and historical parallels to the internet more »

    News service served with cease and desist after server access

    Scripps logo Reporters investigating a leak of personal information from two phone companies found themselves facing a cease-and-desist letter from the companies who accused them of hacking their systems, a claim the news service denies more »

    Worth Reading: Hacking the Blackberry Z10

    Worth Reading icon An introduction to analysing the Blackberry Z10 and the new Blackberry OS more »

    Thursday, 23 May 2013

    Symantec putting an end to PC Tools security products

    Symantec logo Current customers can still use the products until their subscription runs out. Symantec says that customers who are affected by the change should switch to Norton products more »

    Apple closes QuickTime vulnerabilities on Windows

    Apple patch icon Apple has released QuickTime 7.7.4, fixing 12 critical security holes causing memory corruption and buffer overflows when processing a number of media formats more »

    Twitter implements two-factor authentication

    Twitter logo A code sent by SMS, in addition to the standard password, will improve security for Twitter accounts - not a bad idea, after recent problems with hacked accounts sending out false reports more »

    Wednesday, 22 May 2013

    Chrome 27 comes with better load speeds and security fixes

    Google Chrome logo Chrome 27.0.1453.93 closes 17 security vulnerabilities for which Google has paid out almost $15,000. The newest version of the browser also improves page load speed for pages with many assets more »

    Report: DDoS service as a legitimate, FBI-approved business

    DDOS icon Unscrupulous profiteers are openly offering DDoS attacks as a service. They have no fear of being prosecuted - according to a reputable US blogger, the prosecutors themselves might be on board more »

    Bitdefender Clueful exposes Android spies

    BitDefender Clueful icon Available free of charge, the Clueful app exposes Android programs that don't take users' privacy seriously enough, for example by sending personal information to advertising networks more »

    Google: US counterintelligence service was targeted by Chinese hackers

    Spying icon The hacker attacks on Google in late 2009 may have had a greater impact than previously thought. The attackers reportedly had access to information on foreign agents collected by the US counterintelligence service more »

    Tuesday, 21 May 2013

    Yahoo Japan suspects 22 million user IDs exposed

    Yahoo logo Alerted by the levels of outgoing traffic, Yahoo Japan believes that 22 million user IDs were leaked from their systems but it is confident that no password or other verification data was involved in the exfiltration more »

    Chinese APT1 hacker group ends its spring break

    Network globe icon Back in February, a report by cybersecurity firm Mandiant exposed a Chinese military unit that targeted companies and media in the US. When the New York Times ran a feature on the APT1 group, things went quiet around the group. Now, APT1 has resumed operation more »

    Tails 0.18 can install packages on the fly

    Tails logo The latest version of the live Debian Linux distribution for anonymity and privacy especially in repressive environments is now available with on the fly package updating and support for the latest obfuscation bridges more »

    Monday, 20 May 2013

    NetBSD 6.1 and 6.0.2 released

    NetBSD logo Among the enhancements in NetBSD 6.1 is support for the Raspberry Pi's USB and onboard Ethernet, along with security and bug fixes. The same fixes are also in the newly released 6.0.2 more »

    Search engine available for Internet Census 2012 data

    Network globe icon A convenient online search facility is now available for the enormous amount of data that was accumulated during a port scan of the entire internet more »

    Saturday, 18 May 2013

    The H Roundup - Skype surveillance, Linux exploit & Android Studio

    The H Roundup logo In the week ending 18 May – Microsoft is reading what you type in Skype's chat, an exploit for the Linux kernel is discovered, Google unveils its new IDE for developing Android applications, and the International Space Station is using more Linux more »

    Friday, 17 May 2013

    Lost+Found: Hacking Smart TVs, scammer hotlines and Vaccination

    Lost+Found icon On The H's radar over the last seven days: Samsung's Smart TV software, phone scammers with their own hotline, tricking malware with Vaccination, Qualcomm is pre-installing Kaspersky on Android phones and Twitter account security more »

    Mac spyware takes screenshots

    Gatekeeper icon A newly found item of Mac malware appears to have been signed by its creator but is apparently unable to deliver its cache of screenshots to the two command and control servers it is meant to connect to more »

    Alert!ownCloud fixes critical security vulnerabilities

    OwnCloud logo The ownCloud developers have released versions 5.0.6, 4.0.15, and 4.5.11 to fix a number of serious vulnerabilities in their software including SQL injection, code execution and privilege escalation problems more »

    Thursday, 16 May 2013

    LulzSec trial: sentence handed down for UK hackers

    LulzEnd icon Four hackers from the infamous group LulzSec were sentenced in the UK today. Three of them are facing prison, while the fourth got a suspended sentence more »

    Catching hackers with virtual industrial plants

    SCADA icon What is someone scanning the internet for easily accessible industrial plants actually up to? The SCADA honeypot Conpot can help supply answers to that question more »

    zPanel hacked after support team member insults forum user

    **** The zPanel server is unavailable at the moment, most likely as a result of a hacker attack brought on by a member of the support team who swore at a forum user more »

    RIPE: Attacks on domain name systems are on the increase

    RIPE 66 logo At the meeting of the RIPE IP address registry, discussions revolved around how to get black sheep to implement overdue security measures more »

    Fraunhofer FOKUS institute releases Fuzzino fuzzing library

    FOKUS logo To avoid the need to develop new fuzz testing tools, researchers at Fraunhofer FOKUS institute have created the Fuzzino open source fuzzing library that can be used to add fuzzing features to existing test tools more »

    Got news? Let us know!


    • May's Community Calendar






    The H Open

    The H Security

    The H Developer

    The H Internet Toolkit