Venerdi scorso, 27 Gennaio 2017, il Bulletin of the Atomic Scientists ha annunciato lo spostamento in avanti di 30 secondi del Doomsday Clock. Mancano 2 minuti e mezzo per mezzanotte.
Quella che segue è una traduzione del testo integrale. Bollettino degli Scienziati Atomici Mancano due minuti e mezzo per mezzanotte Comunicato dal Doomsday Clock* 2017 Comitato per la Scienza e Sicurezza Bollettino degli Scienziati Atomici
When in September 2015 DHS published its own Security Audit Report, I was rather speechless I could not find any mention of "SSL" or "TLS" in the text, but apparently DHS has been aware of Transport Layer Security earlier than that.
Today KrebsOnSecurity published a post titled DHS Giving Firms Free Penetration Tests containing a link to a document which include the status update about the ongoing cyber programs and efforts underway at the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC).
In a rather confusing timeline, we read first about a DHS ignoring SSL/TLS during its own Security Audit Report (Sept. 2015) and today about how SSL (TLS) related vulnerabilities occupy 5/5 of the Top 5 (Occurring) Vulnerabilities list in the DHS NCATS Year-Engagement Report 2014 (which indeed might have more conveniently be published at an earlier date).
The reason for this post is not the confusing order with which DHS ha…