Full Disclosure and Why Vendors Hate It

Original post provided by Slashdot: IT

An anonymous reader writes “Well known iPhone hacker Jonathan Zdziarski gave a talk at O’Reilly’s Ignite Boston 3 this week in which he called for the iPhone hacking community to embrace full disclosure and stop keeping secrets that were leading to the iPhone’s demise. He has followed up with an article about full disclosure and why vendors hate it. He argues that vendor-only disclosure protects the vendors and not the consumer, and that vendors easily abuse this to downplay privacy concerns while continuing to sell insecure products. In contrast, he paints full disclosure as a capitalist means to keep the vendor accountable, and describes how public outcry can be one of the best motivating factors to get a vulnerability addressed.”


