- More technical details on Facebook’s leakage of user info, Freedom to Tinker
- Facebook app breach gets the attention of Congress, Ars Technica
- Facebook moves to encrypt user IDs, ReadWriteWeb
- New Adobe Reader with security sandbox due next month, Slashdot
- Root privileges through flaw in GNU C loader, The H
- Business models of cyber criminals, Slashdot
- Java surpasses Adobe’s products as most actively exploited, The Register
- Microsoft removes Zeus botnet from over 1/4 of a million machines, Zero Day
- Evercookie harder to combat in mobile browsers, Slashdot
- Mozilla patches nine Firefox flaws, The Register
- Thunderbird also receives security update, The H
- Hackers subvert Firefox security warnings to serve malware, The Register
- Security holes in Apache web server, Zero Day
- Chrome update plugs high risk security holes, Zero Day
- Apple patches older Java security flaw, Zero Day
- Gaping security hole in Apple’s FaceTime beta, Engadget via Hacker News
- Adobe Shockwave exploity, The Register
- Pidgin update closes DoS hole, The H
- Twelve year finds Firefox flaw, earns bounty, Zero Day
Tag: Apache
Quick Security Alerts for Week Ending 4/18/2010
- Copyright violation ransomware in the wild
- Another VM based secure OS receives NSF funding
- Dubious benefit of some conventional security wisdom
- Privacy preserving algorithm for databases of personal info
- Apache.org passwords compromised
- How to exploit NULL pointers
- Adobe, MS push security updates
- Attacks exploit unpatched Adobe applications
- Unpatched Java exploit in the wild
- Java patch for latest exploit
- Apple fixes pwn2own flaw in Safari
- Executable PDF exploited by Zeus malware
- New OSX malware variant spotted
TCLP 2010-03-14 News
This is news cast 209, an episode of The Command Line Podcast.
In the intro, a call for help with my new experiment, this time with a way to reward and encourage donors. Also, happy Pi Day.
This week’s security alerts are researchers build an 8K smart phone botnet and share their motivations for doing so and some findings and a serious Apache exploit is discovered.
In this week’s news theoretical breakthrough for quantum crypto, Apple iPhone developer agreement comes to light leading to my own moment of principle where I’ve decided once my iPod Touch is worn out I will be buying an Android based PMP, the value of BASIC as a first language, and improving the bandwidth of quantum memory.
Following up this week web cames disabled in PA school laptops and Open Source for America rebuts IIPA’s petition to the USTR including a post, a paper and a personal meeting.
[display_podcast]
Grab the detailed show notes with time offsets and additional links either as PDF or OPML. You can also grab the flac encoded audio from the Internet Archive.
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.
Happy Birthday, Apache
What began as a patchy fork of the NCSA web server fifteen years ago has grown into not only the technology that underpins a major fraction of the web but an incredibly successful open source project.
Happy birthday, indeed, Apache.
If you are curious about the project’s history to date, the post at the ASF blog has some excellent details include a brief round down of milestones and accomplishments and the principles the project developed to achieve its incredible success.
There certainly have been a lot of competitive, open source developments recently in the web server space. Most of them are pretty application stack specific, built to better serve the needs of developers in a specific language like Ruby or Python. I still turn to Apache first since it is such a time tested and proven tool, a sort of swiss army knife for standing up all kinds of web applications. I think that is the highest testament to the project’s success.