Shellshock! Bash Vulnerability.

This past Wednesday, September 24th a vulnerability in bash was announced and I wanted to give a quick summary or run-down of the situation and how it may effect some of us. The vulnerability allows code execution in bash simply by setting certain specific environment variables. The vulnerability was originally found by Stephane Schazelas, and later Travis Ormandy disclosed a secondary exploit that manages to circumvent the initial patch. Given the fact this vulnerability revolves around using bash shells it has been given the name "shellshock". It has also been assigned two separate CVE numbers, CVE-2014-6271 for the original vulnerability and CVE-2014-7169 for the secondary variation.

Read More





Bus Factor

Many of you may be familiar with bus factor, lottery, truck factor, and/or bus/truck number. For those that aren't though, I wanted to take a small moment to explain it. The concept is quite simple. This "factor" is nothing more than a scary way of labelling the number of developers a project could stand to lose (get hit by a bus) before the project couldn't continue. People have various events in their lives that permit or prevent them from performing certain tasks. As with software development someone's ability to keep working on a project could be taken away by changing jobs, getting a promotion, winning the lottery and quitting, or the more tragic getting hit by a bus/truck.

Read More

GET IN TOUCH

Call us at (214) 556-6613 or   CONTACT US