Editing 1957: 2018 CVE List
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 21: | Line 21: | ||
:This is not a security problem, since Wikipedia articles are public. However, since Shannon formulated how the amount of unique or actual information some entity contains is proportional to the number of bits required to encode it, retrieving only a few bits casts a dark perspective upon the significance of the Shannon article's content. | :This is not a security problem, since Wikipedia articles are public. However, since Shannon formulated how the amount of unique or actual information some entity contains is proportional to the number of bits required to encode it, retrieving only a few bits casts a dark perspective upon the significance of the Shannon article's content. | ||
;At the cafe on Third Street, the Post-it note with the WiFi password is visible from the sidewalk. | ;At the cafe on Third Street, the Post-it note with the WiFi password is visible from the sidewalk. | ||
− | :Cafés often offer free access to WiFi as a service to patrons, as a business strategy to encourage said patrons to remain in the building and buy more coffee. Some use a password, so that only patrons can use the WiFi, and may display the password on signage inside. Since anybody could go into the cafe to read the post-it, and then use the network from nearby, the ability to read it from outside is, at most, a trivial problem. For systems that are supposed to be secure, writing passwords in a visible place is a major security flaw. For instance, following the [[wikipedia:2018 Hawaii false missile alert|2018 Hawaii false missile alert]] | + | :Cafés often offer free access to WiFi as a service to patrons, as a business strategy to encourage said patrons to remain in the building and buy more coffee. Some use a password, so that only patrons can use the WiFi, and may display the password on signage inside. Since anybody could go into the cafe to read the post-it, and then use the network from nearby, the ability to read it from outside is, at most, a trivial problem. For systems that are supposed to be secure, writing passwords in a visible place is a major security flaw. For instance, following the [[wikipedia:2018 Hawaii false missile alert|2018 Hawaii false missile alert]], the agency concerned received criticism for a press photo showing [https://www.businessinsider.com/hawaii-emergency-agency-password-discovered-in-photo-sparks-security-criticism-2018-1?r=US&IR=T a password written on a sticky note] attached to a monitor. |
;A remote attacker can inject arbitrary text into public-facing pages via the comments box. | ;A remote attacker can inject arbitrary text into public-facing pages via the comments box. | ||
:Describes a common feature on news sites or social media sites like Facebook. The possibility for users to "inject" text into the page is by design. This is a humorous reference to the relatively common security vulnerability "[[Wikipedia:Cross-site_scripting|persistent cross-site scripting]]", where input provided by a user, such as through a comment section, can result in dangerous content containing arbitrary HTML or JavaScript code being displayed to other users. | :Describes a common feature on news sites or social media sites like Facebook. The possibility for users to "inject" text into the page is by design. This is a humorous reference to the relatively common security vulnerability "[[Wikipedia:Cross-site_scripting|persistent cross-site scripting]]", where input provided by a user, such as through a comment section, can result in dangerous content containing arbitrary HTML or JavaScript code being displayed to other users. |