Archive for August 1st, 2008Filed under: World wide web, Web services, Google, Googleholic, web 2.0 
Welcome to Googleholic, your weekly fix of everything Google. In this, yes, we’re alive edition:
Continue reading Googleholic for August 1, 2008 Filed under: World wide web, Web services 
Yesterday, social bookmarkng site Delicious (nee del.icio.us) launched a brand new design and a much easier to remember URL. The redesign is quite similar to the preview posted last September, Nothing like waiting until your share holders stage a revolt to get your properties updated, eh Yahoo?
The new design is fluid and clean, with a much nicer display system. It’s much easier to switch between your own bookmarks and the “popular” and “most recent” listings. Sorting and searching through tags is also much more efficient and intuitive. In addition to the new design, of which I’m a fan, the site is also significantly faster, both in terms of search and overall navigation. Although the Firefox 3 plugin is fantastic, the old site design and loading time made it a chore if accessed in Safari or any other browser without a specific plugin or tool. Glenn Fleishman sends word that SANS Institute testing indicates that, even after installing Apple’s latest patch for the DNS vulnerability, Leopard desktops (not servers) are still vulnerable — or at least perpetuate risky behavior that makes exploitation easier. This matters because “With servers rapidly being patched worldwide, it’s likely that the low-hanging fruit disappears, and vectors [will be] designed to attack big numbers of clients on ISP networks.” Read more of this story at Slashdot. GamePolitics is reporting that a Judge has put another substantial hurdle in the Hot Coffee class-action case. Claiming that individuals involved in the suit could be affected differently by laws in their respective states, Judge Shirley Wohl Kram declared that this case couldn’t be resolved by a single proceeding. “‘Accordingly, the court decertifies the settlement class on the grounds that common issues don’t predominate over individualized issues,’ the judge wrote. The judge’s latest decision undermines a settlement agreement reached between lawyers for purchasers of the game who contended they were offended by the hidden scenes, on the one hand, and lawyers for the game’s makers, Take-Two Interactive Software and Rockstar Games.” Read more of this story at Slashdot. TedSamsonIW writes “InfoWorld reports on a new potential ploy for stealing Web user’s private information: Researcher has found that by placing a new type of hybrid file on Web sites that let users upload their own images, they can circumvent security systems and take over Web surfers’ accounts. ‘They call this type of file a GIFAR, a contraction of GIF (graphics interchange format) and JAR (Java Archive), the two file-types that are blended. At Black Hat, researchers will show attendees how to create the GIFAR while omitting a few key details to prevent it from being used immediately in any widespread attack.’” Read more of this story at Slashdot. ruphus13 notes a new development in Blizzard’s case against MDY, which we discussed last week. Blizzard, the maker of World of Warcraft, has now requested another injunction — to prevent the open sourcing of Glider code. Quoting: “Blizzard has asked the court for a relatively unconventional order prohibiting MDY from making the source code for its MMO Glider software available to the public, and prohibiting MDY from helping people develop other World of Warcraft automation software. Blizzard had previously asked the court to close down MDY’s WoW operations in its motion for summary judgment, but the court’s summary judgment order didn’t address Blizzard’s request. Blizzard’s requests to prohibit open-source release of MDY’s software and prohibit MDY’s assistance in development of independent WoW bots are new to this motion — and seem likely to raise eyebrows in the open source and digital rights advocacy camps.” Read more of this story at Slashdot. Enderandrew writes “Our IT department has been tasked with creating a list of authorized software, and only allowing software to be added to such a list after it has been thoroughly tested. In theory that sounds like a great idea — but how should we test apps to make sure they are secure? We’ve tools to scan internal websites, and we use MBSA for our Windows servers. However, I’m turning to Slashdot to ask what are the ideal methods for creating a test environment where I can examine apps for security vulnerabilities. We’re a multi-platform shop, but my main concern is with Windows apps.” Read more of this story at Slashdot. andy1307 writes with a Washington Post story giving details of Department of Homeland Security policies for border searches of laptops and other electronic devices (as well as papers). (We have been discussing border searches for a while now.) DHS says such procedures have long been in place but were “disclosed last month because of public interest in the matter,” according to the article. Here is a link to the policy (PDF, 5 pages). “Federal agents may take a traveler’s laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement… DHS officials stated that the newly disclosed policies — which apply to anyone entering the country, including US citizens — are reasonable and necessary to prevent terrorism… The policies cover ‘any device capable of storing information in digital or analog form,’ including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover ‘all papers and other written documentation,’ including books, pamphlets and ‘written materials commonly referred to as “pocket trash…”‘” Read more of this story at Slashdot. Alexander Burke writes “Apple has just released Security Update 2008-005, which patches BIND against the Kaminsky DNS poisoning issue. ‘This update addresses the issue by implementing source port randomization to improve resilience against cache poisoning attacks. For Mac OS X v10.4.11 systems, BIND is updated to version 9.3.5-P1. For Mac OS X v10.5.4 systems, BIND is updated to version 9.4.2-P1.’ It also closes the script-based local privilege escalation vulnerabilities, the most common examples of which were ARDAgent and SecurityAgent, and addresses other less-publicized security issues as well.” A few days back we noted Apple’s tardiness in fixing their corner of this Net-wide issue. Read more of this story at Slashdot. Security Finance Get Information on Antivirus, 3D Animation, CD & DVD Burner and Careers in Finance Ideal Finance Incorporated Welcome to Fisher Department Of Finance Wallick & Volk Business Finance, Investing, and Financial Advice Wharton Finance Conference 2007 Finance: Academic Areas: Stanford GSB Wharton Finance Department Finance - Easy English Wikipedia, the free encyclopedia |
Powered by WordPress, Mandigo theme by tom.
Entries (RSS)
and Comments (RSS).
