What Is Shellshock, How Does It Work and Why Does It Matter?

And we thought Heartbleed was bad. Welcome to Shellshock, the latest security threat to hit the Internet. And it's a doozy.

Like Heartbleed, Shellshock's technical complexity (when compared to other types of system vulnerabilities) makes explaining what the vulnerability is, how it works, and the potential damage challenging.

See also: Apple Responds to Shellshock: Majority of Users Are Not at Risk

Talking about Bash commands and code injections and environment-variable definitions will make many eyes glaze over. And that's a bad thing, because Shellshock is serious. Very serious.

Software architect and Microsoft MVP Troy Hunt wrote a fantastic Shellshock FAQ that we highly recommend reading. Hunt does a good job of explaining what is what in English. Read more...

More about Security, Tech, Apps Software, Dev Design, and Bash

from Tech http://ift.tt/ZXLoFN

via IFTTT

Posted in: Tech