Profile

Cover photo
Niels Provos
Works at Google
Attended University of Michigan
3,958 followers|742,755 views
AboutPostsPhotosYouTube+1's

Stream

 
"General Mills, the maker of cereals like Cheerios and Chex as well as brands like Bisquick and Betty Crocker, has quietly added language to its website to alert consumers that they give up their right to sue the company if they download coupons, “join” it in online communities like Facebook, enter a company-sponsored sweepstakes or contest or interact with it in a variety of other ways."
The food company General Mills added language to its website to alert customers that they cannot take legal action against the company if they download coupons, enter a contest or connect with it in other ways.
2
1
Lea Kissner's profile photoWilliam Rodriguez's profile photo
 
Ha ha no. I seriously hope this doesn't stand up in court. The proliferating arbitration clauses are starting to look far too much like Snow Crash.
Add a comment...

Niels Provos

Shared publicly  - 
 
"China's air pollution could be intensifying storms over the Pacific Ocean and altering weather patterns in North America, according to scientists in the US. A team from Texas, California and Washington state has found that pollution from Asia, much of it arising in China, is leading to more intense cyclones, increased precipitation and more warm air in the mid-Pacific moving towards the north pole."
Computer modelling showed intensification of US-bound Pacific storms, driven by fine aerosols from coal power plants and traffic
3
Add a comment...

Niels Provos

Shared publicly  - 
 
"Underscoring the severity of the Heartbleed bug affecting huge swaths of the Internet, hackers exploited the vulnerability to steal taxpayer data for at least 900 Canadian citizens and an unknown number of businesses, officials in that country warned Monday morning."
Over six hours, tax IDs plucked from servers run by the Canada Revenue agency.
3
1
Lucas Holt's profile photo
Add a comment...

Niels Provos

Shared publicly  - 
 
Two Viking-esque barrel padlocks.
17
1
Eugene Alexeev's profile photoLenny Zeltser's profile photoNiels Provos's profile photoElie Bursztein's profile photo
3 comments
 
What kind of lock it is inside? Does not seems to be a standard pin lock.
Add a comment...
 
 
Heartbleed in pictures.

This is the most accessible explanation yet, from xkcd.

http://m.xkcd.com/1354/

#Heartbleed #xkcd #security
10
Daniel Jo's profile photo
 
Wow. I didn't realize it was ultimately a bounds checking issue.
Add a comment...
Have him in circles
3,958 people
Billy Rios's profile photo
 
"Private encryption keys have been successfully extracted multiple times from a virtual private network server running the widely used OpenVPN application with a vulnerable version of OpenSSL, adding yet more urgency to the call for operators to fully protect their systems against the catastrophic Heartbleed bug."
Until you get a new key, consider your OpenSSL-powered VPN network compromised.
11
8
Jürgen Christoffel's profile photoBreen Ouellette's profile photomax stalnaker's profile photoOliver Herold's profile photo
 
Shouldn't it be impossible for non-authenticated users to send heartbeat messages? That is, I can see that this will expose the private key to the users, but can it expose it to someone else?
Add a comment...
 
Lunar Eclipse from last night.
23
Add a comment...

Niels Provos

Shared publicly  - 
2
Aniko Hoover's profile photo
 
...It might be magic too... just saying... Oh, and ...um what's it's Name? Surely this sword has a name...right? #magicswords  
Add a comment...

Niels Provos

Shared publicly  - 
 
The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.
10
8
Erik Corry's profile photoNathan Lunde-Berry's profile photoGreg Steuck's profile photoRoberto Peon's profile photo
22 comments
 
Thanks to Neel Mehta for checking the Google logs for NSA activity and publicly killing their bug ;)
Add a comment...

Niels Provos

Shared publicly  - 
 
"Verify apps: now protecting you continually
Building on Verify apps, which already protects people when they’re installing apps outside of Google Play at the time of installation, we’re rolling out a new enhancement which will now continually check devices to make sure that all apps are behaving in a safe manner, even after installation. In the last year, the foundation of this service—Verify apps—has been used more than 4 billion times to check apps at the time of install. This enhancement will take that protection even further, using Android’s powerful app scanning system developed by the Android security and Safe Browsing teams."
8
2
Kelvin Lomboy's profile photoBreen Ouellette's profile photonawa xambar's profile photoRoberto Peon's profile photo
4 comments
 
+Roberto Peon: Would you make the switch to Cyanogenmod for the ability to fully configure app permissions? I was using it with my last phone and the app permissions worked great.

Now that I'm on the Nexus 5, rather than use a custom ROM I've just rooted the phone and used the Xposed framework and the GravityBox. It's much more stable than Cyanogenmod was for me, and the only thing I'm really missing is Cyanogenmod's app permission system. I've re-enable App Ops on the Nexus 5 using Xposed, but it just isn't as good.

On the other hand, I'm just not sure if I want to go back to Cyanogenmod's brutal development cycle just for a better app permission system. I'd probably go back if they switched to a sane development cycle like OpenBSD. I'm not holding my breath, though.
Add a comment...
People
Have him in circles
3,958 people
Billy Rios's profile photo
Work
Occupation
Software Engineer
Employment
  • Google
    Software Engineer, present
Basic Information
Gender
Male
Story
Introduction
Niels Provos received a Ph.D. from the University of Michigan in 2003, where he studied experimental and theoretical aspects of computer and network security. He is one of the OpenSSH creators and known for his security work on OpenBSD. He developed Honeyd, a popular open source honeypot platform; SpyBye, a client honeypot that helps web masters to detect malware on their web pages; and many other tools such as Systrace and Stegdetect. He is a member of the Honeynet Project and an active contributor to open source projects. Provos is currently employed as distinguished engineer at Google, Inc. When not working with computers, he forges steel into swords.
Education
  • University of Michigan
    Computer Science, 1998 - 2003
  • Universität Hamburg
    Mathematik, 1992 - 1998
Niels Provos's +1's are the things they like, agree with, or want to recommend.
Electronic Frontier Foundation
plus.google.com

Defending your civil liberties in a digital world.

YouTube - Peter Johnsson Sword Smith -- The making of a Messer sword part I
www.youtube.com

Create AccountSign In. Home. BrowseMoviesUpload. Hey there, this is not a commercial interruption. You're using an outdated browser, whi

Google Tells Cops to Get Warrants for User E-mail, Cloud Data | Threat L...
www.wired.com

Google demands probable-cause, court-issued warrants to divulge the contents of Gmail and other cloud-stored documents to authorities in the

The Meco Midget Torch
www.ottofrei.com

Our most popular torch set up. Contains Meco Midget torch with 3 tips, hoses, empty 20CF oxygen tank, uniweld single stage oxygen regulator,

viking sword : the handle and scabbard
www.youtube.com

Deuxième partie de la vidéo : le fourreau , la poignée, garde et pommeau. Second part of the video : scabbard, handle , guard and pommel

Torches, Soldering & Joining, Laser & PUK Welders, Adhesives, Ta...
www.ottofrei.com

Torches, Soldering & Joining, Laser & PUK Welders, Adhesives, Taps, Dies

Damascus steel in detail, M. Kunelius - Part 1
www.youtube.com

Making damascus steel by Matti Kunelius Part 1. In this video Matti Kunelius a Finnish bladesmith and a silversmith student demonstrates how

Google Forced to Release WikiLeaks Volunteer's Gmail Info
searchenginewatch.com

Google and Sonic.net, a small Internet service provider, have been forced to hand a WikiLeaks volunteer’s email information to the U.S. gove

Chromium Blog: All About Safe Browsing
blog.chromium.org

While the web is a virtual treasure trove of great content, it's also used by bad guys to steal personal information. One of Chrome'

Marco Rubio Clarifies The Earth’s Age: It’s ‘At Least 4.5 Billion Years ...
thinkprogress.org

Sen. Marco Rubio (R-FL) turned heads last month when he told GQ Magazine that he didn’t know the age of the earth and sparked speculation th

Children's Song (Händchen fein?) variations
www.youtube.com

Richard Grayson improvises on a Children's song (Händchen fein?) in a series of stylistic variations: 1. Renaissance (William Byrd) 2. Baroq

Mountain View Kendo Dojo
www.mountainviewkendo.org

Website of the Mountain View Kendo Dojo

Mountain View Kendo Dojo
www.mountainviewkendo.org

Website of the Mountain View Kendo Dojo

Sword and Smith Forged Part 1
www.youtube.com

documentary film copyright joe pierre 2012

Michael Bell, Swordsmith of Dragonfly Forge
www.youtube.com

Michael Bell, master swordsmith of Dragonfly Forge and head instructor of Tomboyama Nihontō Tanren Dōjō (Dragonfly Mountain Japanese Sword F