By manishs from Slashdot's hate-it-or-love-it-but-can't-ignore-it department
Mike Murphy, reporting for Quartz: Forty years ago today, two college dropouts decided to start selling cobbled-together computers out of a garage in California because they couldn't afford the ones on the market. They had an intricate wood-cut logo, not much money or manpower, and their first computer only sold about 175 units. But in the years between then and now, Apple has become one of the most valuable companies in the world, spurring revolutions in how we communicate, use computers, listen to music, and to a lesser extent, tell the time. [...] Some critics think that Apple is boring now, setting itself up to iterate on its successes and lock customers into their services with products that are very good, but nothing they haven't really seen before. This is a solid business strategy that will provide strong returns for years to come, but not those eye-popping leaps we've seen before. Here's a video Apple published recently showcasing 40 of its most remarkable products.Read Replies (0)
By manishs from Slashdot's a-day-late-and-a-dollar-short department
An anonymous reader writes: Since February, at least a dozen hospitals have been affected by ransomware, malware that encrypts a victim's files until they cough up a bounty to the hackers. In response, US-CERT, the country's Computer Emergency Readiness Team, issued an alert on March 31 warning potential victims of the risks, and how to protect themselves. But, considering that some hospitals have already had to divert emergency services, push high-risk operations to future dates, and even turn away some patients, is the alert too little, too late?Read Replies (0)
By BeauHD from Slashdot's problematic-encounters-of-the-SSL/TLS-certificates-kind department
An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection.
"PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.Read Replies (0)