Security Link Rodeo: The Patriot Act, Logjam, and Hacked Websites

Kind of good news: Senators Ron Wyden and Rand Paul teamed up to squash the Patriot Act extension. It’s going to expire on June 1st unless another vote is called on the 31st. The USA Freedom Act (which I think is good?) unfortunately didn’t make it through Senate, either.

Regarding the Logjam vulnerability that I mentioned last week, if you’ve got a cloud server and you’re generating new Diffie-Hellman parameters, make sure you’ve got good random numbers! Digital Ocean has advice on generating sufficient random data on cloud servers. The short version is that you should be running haveged on all of your servers.


Read more