Internet security experts are seriously concerned about an implementation problem with some versions of OpenSSL (a cryptographic library that powers Secure Sockets Layer or Transport Security Layer encryption). So what's OpenSSL? It's basically that little padlock symbol you see in your browser when visiting a secure website. And the problem with these secure sites is called "Heartbleed:"
Even if you've never heard of OpenSSL, it's probably a part of your life in one way or another — or, more likely, in many ways. The apps you use, the sites you visit; if they encrypt the data they send back and forth, there's a good chance they use OpenSSL to do it. The Apache web server that powers something like 50 percent of the internet's web sites, for example, utilizes OpenSSL.
Through a bug that security researchers have dubbed "Heartbleed," it seems that it's possible to trick almost any system running any version of OpenSSL from the past 2 years into revealing chunks of data sitting in its system memory.
Why that's bad: very, very sensitive data often sits in a server's system memory, including the keys it uses to encrypt and decrypt communication (read: usernames, passwords, credit cards, etc.) This means an attacker could quite feasibly get a server to spit out its secret keys, allowing them to read to any communication that they intercept like it wasn't encrypted it all. Armed with those keys, an attacker could also impersonate an otherwise secure site/server in a way that would fool many of your browser's built-in security checks. [TechCrunch]
This is a programming mistake, not a problem with the cryptography itself. Luckily, there are patches out already, and web companies are scrambling to bring their systems up to date. Here is more information, and here is a tool to test whether a server is vulnerable. Ryan Cooper
Over the last three days, a heatwave has killed at least 65 people in Karachi, the biggest city in Pakistan.
On Monday, the temperature reached 111 degrees Fahrenheit, and extreme temperatures are expected through Thursday. There have been several power outages, and because it is the holy month of Ramadan, most Muslims are not eating or drinking during daylight hours.
Faisal Edhi, the owner of a company that runs morgues and an ambulance service, told Reuters most of the people who have died "work around heaters and boilers in textile factories," and lived in the poorer areas of Karachi. He said that most doctors agree they died of heat stroke, but the health secretary of Sindh province said he "categorically" rejects the idea that anyone died in Karachi from heat stroke, since "only doctors and hospitals can decide" the cause of death. In 2015, at least 1,300 people, most of them ill or very old, died in a heatwave. Catherine Garcia
Get ready for your mailbox to smell a little sweeter — this summer, the U.S. Postal Service will introduce its first-ever scratch-and-sniff stamps.
The Forever stamps will be sold in booklets of 20, featuring 10 watercolor illustrations of popsicles designed by artist Margaret Berg of California. The stamps will be issued on June 20, with a dedication ceremony at the Thinkery Children's Museum in Austin.
The exact scent remains a mystery, and won't be revealed until next month, but the Postal Service did issue a few clues in its press release: "In recent years, frozen treats containing fresh fruit such as kiwi, watermelon, blueberries, oranges, and strawberries have become more common. In addition, flavors such as chocolate, root beer, and cola are also popular." So, maybe it will smell like a chocolate-covered kiwi dunked in root beer? Yay? Catherine Garcia
The Syrian military said Monday that after fighting for a month, it has captured an area of southern Damascus from the Islamic State, and the capital is now, for the first time since the country's civil war began in 2011, under full government control.
They were able to take back the Palestinian refugee camp Yarmouk and the Hajar al-Aswad district, and will now focus on the territory held by rebels in southern Syria. President Bashar al-Assad's forces have been assisted by Iranian-backed militias, including Hezbollah out of Lebanon, and after Secretary of State Mike Pompeo on Monday called on Iran to leave Syria, Iranian Foreign Ministry spokesman Bahram Ghasemi told reporters that his country's "presence in Syria has been based on a request by the Syrian government and Iran will continue its support as long as the Syrian government wants."
A monitoring group said that 1,600 people, including hundreds of ISIS militants, left southern Damascus on Saturday and Sunday, and went toward the eastern desert after agreeing to a deal with the Syrian government, The Associated Press reports. Catherine Garcia
Interview magazine, founded by Andy Warhol in 1969, is shutting down, several staff members confirmed Monday.
The magazine featured celebrities interviewing one another, and covered art, entertainment, pop culture, and fashion. Editor Ezra Marcus told CNNMoney that the magazine is "folding both web and print effective immediately," with employees finding out during a meeting that the company is filing for bankruptcy. In 1989, billionaire Peter Brant purchased Interview from Warhol's estate.
The past several months were tumultuous for the magazine, with its former editorial director suing for back pay and the fashion director resigning after being accused of sexual misconduct. Catherine Garcia
The Onion hilariously eviscerates Michael Cohen's 2013 demand to remove a 'disgusting' article about Trump
Back in 2013, before anyone suspected that Donald Trump might one day become president, satirical news outlet The Onion made fun of the reality TV host by mocking his birther claims. Even then, Trump's longtime fixer Michael Cohen was defending him behind the scenes.
The Onion on Monday finally responded to a 2013 cease-and-desist letter from Cohen regarding a satirical article about Trump, hilariously taking down the attorney for his outrage.
Earlier that year, the satirical news outlet published a piece titled "When You're Feeling Low, Just Remember I'll Be Dead In About 15 or 20 Years" and attributed it to Trump. "You can always take solace in the fact that the monstrous, unimaginable piece of s--t that is me will stop existing fairly soon," read the article. "Why, by 2020, I, a man who recently tried to extort the sitting president of the United States to release his college and passport records, might even begin to show signs of serious and unavoidable decline in mental and physical faculties."
The article did not sit well with Cohen. He called it an "absolutely disgusting piece" that went "way beyond defamation" in an email to The Onion soon after it was published. Cohen demanded that the article be removed and that the publication issue an apology. The Onion, needless to say, did not feel that necessary.
"We would be more than willing to accommodate Mr. Cohen's wishes," the outlet wrote in long-overdue response, "provided we get something in return, of course." The Onion poked fun at recent reports alleging that Cohen had accepted money in exchange for access to Trump, asking for a quid pro quo deal over the offensive article. Read the full response at The Onion. Summer Meza
You know what they say: One man's "little rocket man" is another's "supreme leader." Only in the case of President Trump, it appears the same man can be both. CNN's Jim Acosta tweeted Monday that there is a White House collectable military coin commemorating the upcoming summit between Trump and Kim Jong Un, which uses an unusually glowing title for the dictator:
There's now a White House Military Office coin for the upcoming Trump Kim Jong Un summit. The North Korean dictator is referred to as "Supreme Leader Kim Jong Un." pic.twitter.com/tFAmE813Y1
— Jim Acosta (@Acosta) May 21, 2018
While putting Kim's face on a commemorative coin is shocking enough, most publications simply call Kim the "leader" of North Korea. Calling him "Supreme Leader" is a little bit like calling Idi Amin, the former president of Uganda, by his preferred title: "His Excellency, President for Life, Field Marshal Al Hadji Doctor Idi Amin Dada, VC, DSO, MC, Lord of All the Beasts of the Earth and Fishes of the Seas and Conqueror of the British Empire in Africa in General and Uganda in Particular."
Admittedly, Kim's own full title — Dear Respected Comrade Kim Jong Un, Chairman of the Workers' Party of Korea, Chairman of the State Affairs Commission of the Democratic People's Republic of Korea and Supreme Commander of the Korean People's Army — probably wouldn't have fit on the coin. Jeva Lange
Street harassers beware: Whistles and catcalls could be costly.
Lawmakers in France's National Assembly passed a measure last week that would fine people who harass women up to $885, The Washington Post reports.
The bill, which still needs the approval of the French Senate to officially become law, will require people to pay on the spot if they are caught whistling at women, heckling them, or following them. Anything that "infringes the freedom of movement of women in public spaces and undermines self-esteem and the right to security" could merit a fine. Do it more than once, and street harassment could get really expensive — repeat offenders will be required to pay up to $3,500.
French President Emmanuel Macron said the measure would make France a place where "women are not afraid to be outside," reports the Post. About 90 percent of French citizens supported the measure in one recent poll, though not everyone agrees that it will be easy to enforce. About 83 percent of French women say they have been harassed on the street. Read more at The Washington Post. Summer Meza