CyberSecurityBoard
Sponsor Register Login

Friday Squid Blogging: Sqids

Sqids is an open-source library that lets you generate YouTube-looking IDs from numbers.
These IDs are short, can be generated from a custom alphabet and are guaranteed to be collision-free.
I haven't dug into the details enough to know how they can be guaranteed to be collision-free.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.


This Cyber News was published on www.schneier.com. Publication date: Fri, 29 Dec 2023 23:13:04 +0000


Cyber News related to Friday Squid Blogging: Sqids

Friday Squid Blogging: Sqids - Sqids is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short, can be generated from a custom alphabet and are guaranteed to be collision-free. I haven't dug into the details enough to know how they can ...
6 months ago Schneier.com
18th Anniversary Post: New Species of Pygmy Squid Discovered - They're Ryukyuan pygmy squid and Hannan's pygmy squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Yes, this is the eighteenth anniversary of Friday Squid Blogging. The first squid ...
5 months ago Schneier.com
CVE-2024-23638 - Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of ...
2 months ago
CVE-2024-25617 - Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote ...
3 months ago
Friday Squid Blogging: New Foods from Squid Fins - We only eat about half of a squid, ignoring the fins. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. It's just a complaint; the SEC still has to prove the allegations in court. It's ...
5 months ago Schneier.com
Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs - Amazing footage of a black-eyed squid carrying thousands of eggs. They tend to hang out about 6,200 feet below sea level. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Corton January ...
5 months ago Schneier.com
Friday Squid Blogging: Operation Squid - Operation Squid found 1.3 tons of cocaine hidden in frozen fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Gay parades for all you must all be gay or kneel before the gays in ...
3 months ago Schneier.com
CVE-2023-46724 - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate ...
8 months ago
Friday Squid Blogging: A Penguin Named "Squid" - As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. ...
4 months ago Schneier.com
CVE-2019-18678 - An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches ...
3 years ago
CVE-2023-49288 - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to ...
6 months ago Tenable.com
Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code - The woman-who has only been identified by her surname, Wang-was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone's selections arrived at the table, she posted a photo of the spread on the Chinese ...
6 months ago Schneier.com
Friday Squid Blogging: Vegan Squid-Ink Pasta - It is a simple idea but probably never seen before, since it is the opposite of what most people usually want: website owners want the most data they can get and players want to choose their username/avatar. In the context of privacy, doxing and ...
4 months ago Schneier.com
Friday Squid Blogging: New Squid Species - About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I'm a fellow and ...
4 days ago Schneier.com
CVE-2019-12525 - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if ...
2 years ago
CVE-2023-49285 - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are ...
6 months ago Tenable.com
CVE-2024-25111 - Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause ...
3 months ago Tenable.com
CVE-2020-15811 - An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser ...
3 years ago
CVE-2023-50269 - Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request ...
6 months ago Tenable.com
Tech Companies Sign Accord to Combat AI-Generated Election Trickery - Executives from Adobe, Amazon, Google, IBM, Meta, Microsoft, OpenAI and TikTok gathered at the Munich Security Conference to announce a new framework for how they respond to AI-generated deepfakes that deliberately trick voters. Twelve other ...
4 months ago Securityweek.com
CVE-2012-2213 - ** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is ...
12 years ago
CVE-2019-3688 - The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an ...
4 years ago
CVE-2020-15810 - An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser ...
3 years ago
CVE-2019-12520 - An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The ...
3 years ago
CVE-2019-12529 - An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)