Google on Tuesday detailed plans for oCERT, a volunteer workforce that will remediate security issues in open source applications.The move makes a ton of sense.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
The CORE Security Team released an advisory to the Full-Disclosure mailing list today that documented a stack overflow in NASA's Common Data Format libs.Looking at this bug, the tech details aren't overwhelming, I think I'm mostly excited about it due to the high profile of hacking NASA libs.
SAP has forged an agreement with Research in Motion to run its customer relationship management software on the BlackBerry platform. Just don't expect SAP to roll out to other platforms anytime soon.
In the security research world, getting Rickrolled has become a global epidemic. If you've been to any of the recent conferences, you're sure to have been Rickrolled at least once...
PHP Group delivered release 5.2.6 to fix multiple security vulnerabilities.
Dan Godin posted a great article that was picked up by The Register a couple days ago about continued challenges for McAfee's newly purchased HackerSafe division. I find the article interesting as HackerSafe uses a scanning tool that probes for web application security flaws...
Apple and AT&T providing free Wi-Fi access to iPhone users and oops... to everyone else as well!
You have to love security through obscurity...A friend of mine on a private mailing list passed me a link to a story on macrumors.
Not to defend Microsoft, as kernel exploits that provide privileged access are terrible flaws, but we had an interesting discussion in the talkbacks where several people acted as if Microsoft was the only place that could've made such mistakes. Well, the proof is in the pudding that this is a common flaw across operating systems that is difficult to catch due to the complexities of kernel code.
Italy's tax department posted every Italian's declared earnings and tax contributions on a site that was quickly overwhelmed by onlookers.According to the BBC:There has been outrage in Italy after the outgoing government published every Italian's declared earnings and tax contributions on the internet.
Researcher Juan Pablo Lopez Yacubian has reported another URI abuse exploit.From Security Focus:Novell GroupWise is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.