Gareth Bale's stunning individual goal five minutes from time won the Copa del Rey final for Real Madrid at the expense of arch-rivals Barcelona.
The Wales forward outsprinted Barca defender Marc Bartra from the halfway line before coolly converting past keeper Jose Manuel Pinto.
Real took an early lead when Angel Di Maria fired into the bottom corner.
Barca levelled through Bartra's second-half header but it was Real celebrating after Bale's winner.
Former Tottenham star Bale had been accused of not delivering in Madrid's big matches since arriving at the Bernabeu in a world record £85m switchlast summer.
But, without the injured Cristiano Ronaldo alongside him, the 24-year-old took centre stage with a moment of inspiration which swung a delicately-balanced final in favour of Carlo Ancelotti's side at a crucial stage.
With Barcelona pressing for a winner, Real countered quickly with pace - a tactic which they had employed throughout - to snatch the first silverware of the Spanish season.
Barcelona forward Lionel Messi, a largely anonymous figure, lost possession in the Madrid penalty area before Fabio Coentrao launched the attack with a long ball down the left touchline towards Bale.
Bale knocked the ball into the empty Barcelona half and, despite Bartra's best efforts to lever him off the ball, managed to keep his feet before squeezing past Pinto at his near post.
It was a bitter blow for Barcelona, who had showed character and resilience to fight their way back into the tie.
The Catalans dominated possession throughout but failed to test the recalled Iker Casillas, who has been Diego Lopez's understudy in La Liga but a starter in the Copa del Rey, with regularity or substance.
It has been a familiar pattern in coach Tata Martino's first season at the Nou Camp, leading to criticism of the Argentine's methods and doubts over his long-term future.
Martino was tactically outwitted by Real counterpart Ancelotti - for the first time this season after Barca won at both the Nou Campand Bernabeu- as the Italian's players carried out his instructions to the letter. Madrid were organised and committed as they defended resolutely in numbers before utilising the pace of Bale and Di Maria on the break.
The Argentina international latched on to Karim Benzema's pass before shooting across Pinto, only playing because of Victor Valdes's continuing absence through injury, for the 11th-minute opener.
Barca dictated the play after Real's goal, without managing to stretch Casillas, and continued to patiently probe for an opening after the break.
Despite barely meriting an equaliser, they were level when Bartra was left unmarked to powerfully head Xavi's 68th-minute corner into the top corner.
After Bale put Madrid back in front, Barcelona almost recovered for a second time in the dying stages. Neymar poked a shot past Casillas, only to see his effort cannon back off the Real post into the grateful hands of the Spain international.
The Catalans have endured a miserable season by their own high standards, with a series of off-the-field troubles compounding their below-par performances on the pitch.
The club's reputation has taken a battering over the past few months following the tax scandalsurrounding last summer's £50m signing of Brazil star Neymar and a Fifa transfer banfor breaking rules on signing teenage players last month.
On top of that, the prospect of a rare trophyless season is now a strong possibility.
The reigning Spanish champions are third in La Liga, four points adrift of leaders Atletico and one behind Real, with five games remaining and were eliminated from the Champions League by Atletico last week.
By contrast, Bale's late goal allowed Real to take the first step towards a potential treble - as they are also pushing to win La Liga and the Champions League, in which they face Bayern Munich in the last four
Wednesday 16 April 2014
Heartbleed Bug: Public urged to reset all passwords
Several tech firms are urging people to change all their passwords after the discovery of a major security flaw.
The Yahoo blogging platform Tumblr has advised the publicto "change your passwords everywhere - especially your high-security services like email, file storage and banking".
Security advisers have given similar warnings about the Heartbleed Bug.
It follows news that a productused to safeguard data could be compromised to allow eavesdropping.
OpenSSL is a popular cryptographic library used to digitally scramble sensitive data as it passes to and from computer servers so that only the service provider and the intended recipients can make sense of it.
On the scale of one to 10, this is an 11
Bruce Schneier, Security technologist
If an organisation employs OpenSSL, users see a padlock icon in their web browser - although this can also be triggered by rival products.
Those affected include Canada's tax collecting agency, which halted online services"to safeguard the integrity of the information we hold".
Copied keys
Google Security and Codenomicon - a Finnish security company - revealed on Monday that a flaw had existed in OpenSSL for more than two years that could be used to expose the secret keys that identify service providers employing the code.
They said that if attackers made copies of these keys they could steal the names and passwords of people using the services, as well as take copies of their data and set up spoof sites that would appear legitimate because they used the stolen credentials.
Password tips
The University of Surrey's Prof Alan Woodward is among security experts to have suggested internet users should now update their login details.
He suggests the following rules should be observed when picking a new password.
Don't choose one obviously associated with you
Hackers can find out a lot about you from social media so if they are targeting you specifically and you choose, say, your pet's name you're in trouble.
Choose words that don't appear in a dictionary
Hackers can precalculate the encrypted forms of whole dictionaries and easily reverse engineer your password.
Use a mixture of unusual characters
You can use a word or phrase that you can easily remember but where characters are substituted, eg, Myd0gha2B1g3ars!
Have different passwords for different sites and systems
If hackers compromise one system you do not want them having the key to unlock all your other accounts.
Keep them safely
With multiple passwords it is tempting to write them down and carry them around with you. Better to use some form of secure password vault on your phone.
It is not known whether the exploit had been used before the revelation, since doing so would not leave a trail - unless the hackers published their haul online.
"If people have logged into a service during the window of vulnerability then there is a chance that the password is already harvested," said Ari Takanen, Codenomicon's chief technology officer.
"In that sense it's a good idea to change the passwords on all the updated web portals."
Other security experts have been shocked by the revelation
"Catastrophic is the right word. On the scale of one to 10, this is an 11," blogged Bruce Schneier.
The BBC understands that Google warned a select number of organisations about the issue before making it public, so they could update their equipment to a new version of OpenSSL released at the start of the week.
However, it appears that Yahoo was not included on this list and tech site Cnet has reportedthat some people were able to obtain
The Yahoo blogging platform Tumblr has advised the publicto "change your passwords everywhere - especially your high-security services like email, file storage and banking".
Security advisers have given similar warnings about the Heartbleed Bug.
It follows news that a productused to safeguard data could be compromised to allow eavesdropping.
OpenSSL is a popular cryptographic library used to digitally scramble sensitive data as it passes to and from computer servers so that only the service provider and the intended recipients can make sense of it.
On the scale of one to 10, this is an 11
Bruce Schneier, Security technologist
If an organisation employs OpenSSL, users see a padlock icon in their web browser - although this can also be triggered by rival products.
Those affected include Canada's tax collecting agency, which halted online services"to safeguard the integrity of the information we hold".
Copied keys
Google Security and Codenomicon - a Finnish security company - revealed on Monday that a flaw had existed in OpenSSL for more than two years that could be used to expose the secret keys that identify service providers employing the code.
They said that if attackers made copies of these keys they could steal the names and passwords of people using the services, as well as take copies of their data and set up spoof sites that would appear legitimate because they used the stolen credentials.
Password tips
The University of Surrey's Prof Alan Woodward is among security experts to have suggested internet users should now update their login details.
He suggests the following rules should be observed when picking a new password.
Don't choose one obviously associated with you
Hackers can find out a lot about you from social media so if they are targeting you specifically and you choose, say, your pet's name you're in trouble.
Choose words that don't appear in a dictionary
Hackers can precalculate the encrypted forms of whole dictionaries and easily reverse engineer your password.
Use a mixture of unusual characters
You can use a word or phrase that you can easily remember but where characters are substituted, eg, Myd0gha2B1g3ars!
Have different passwords for different sites and systems
If hackers compromise one system you do not want them having the key to unlock all your other accounts.
Keep them safely
With multiple passwords it is tempting to write them down and carry them around with you. Better to use some form of secure password vault on your phone.
It is not known whether the exploit had been used before the revelation, since doing so would not leave a trail - unless the hackers published their haul online.
"If people have logged into a service during the window of vulnerability then there is a chance that the password is already harvested," said Ari Takanen, Codenomicon's chief technology officer.
"In that sense it's a good idea to change the passwords on all the updated web portals."
Other security experts have been shocked by the revelation
"Catastrophic is the right word. On the scale of one to 10, this is an 11," blogged Bruce Schneier.
The BBC understands that Google warned a select number of organisations about the issue before making it public, so they could update their equipment to a new version of OpenSSL released at the start of the week.
However, it appears that Yahoo was not included on this list and tech site Cnet has reportedthat some people were able to obtain
Subscribe to:
Posts (Atom)