My Open Tabs in Firefox

October 13th, 2009

When I started this site I did something called the daily link list. Back then I had time to gather links to interesting articles every morning and share them with some comments. I don't have that kind of free time anymore... but I noticed I've got a number of open tabs and decided it was time to read them and that I might as well share everything that was open.

VMWare Authorization Service Haunted by DoS Vulnerability

This is an interesting one because I've always wondered why VMware Workstation opens listening ports by default. It just feels like a bad option but given how hectic my day is, I've yet to have time to really play around. I'm glad someone is looking and is starting to show why maybe it isn't necessary. If I were writing malware, I'd be paying attention to these types of attacks and writing my malware to target systems on the network. It might be a little noisy but depending on circumstances it'd be an easy way to eliminate VMs used to analyze malware.

Downtown Santa Rosa eatery damaged in blaze

This isn't something I'd normally even read. It's a shame to lose a business like that... but a coffee shop in Santa Rosa doesn't really affect me. The reason this is open, and that I read it, though, was the mention that Windows Update may possibly be to blame.

To Vendors Everywhere: If your product is driven by a computer, please treat it like a computer... ensure that it can be properly updated and all security patches can be applied. I don't care if it's a CT scan, a coffee roaster or a giant billboard. These systems are just as likely to be affected by a worm and help the malicious software propagate as your accountant's desktop computer and are more likely if you don't update them due to failed interoperability. Make your software work properly and solve the problem!

Django Security Update

Another Denial of Service, and while it may simply be my fascination with DoS, I thought this was worth pointing out. The vendor quickly pushed out fixed software. This is the response that I wish we'd see more of from vendors. It's a welcome change.

The Month of Facebook Bugs Report

A wrap-up detailing what was found during the month of Facebook bugs. Some of the numbers are interesting and if you haven't seen this, it's definitely worth the read.

Varkens hacken computersysteem (Pigs computer hacking)

It seems that pigs are smart enough to figure out how to beat RFID sensors... a humorous video to watch.

Snow Leopard guest account bug deletes user data

How could I not include this one? Given the Apple fanboys' love of their product, this simply had to be pointed out. How do you get this far in your operating system and introduce a bonehead bug that wipes out all of a user's data when they log in and then out as Guest? On top of that, how do you fail to resolve the issue in the first update you push for the system? I'd have to say this one takes the cake on stupid bugs of the year.

Windows TCP/IP Denial of Service Attacks (Sockstress)

From what I've seen, no details on the actual sockstress attack have been released before. So for me, this was the first time I'd seen a detailed explanation on the topic. I'm not in a position to verify the validity, but it seems reasonable.

Ont. researchers tout cheap eHealth alternative

For those outside of Ontario, we've spent $1 Billion (with a B) on a secure online medical records system that will connect all the doctors and hospitals. It has come under review and there has been quite a bit of discussion on the overspending. Researchers with a piece of medical records software that is open source say their software could have been used for only $20 Million. I see a big problem when one of the developers of the OSS states that there was no need to build an expensive secure network. This is my health information... I'd much rather see my tax dollars go to building a secure network to share my health records on, than a number of other things it could be spent on. Was there overspending... sure, but what government project doesn't overspend? I also like the comment on OSS being "free from viruses" when compared to the "more common software we're familiar with". How much common software ships with viruses these days? His comment is technically inaccurate for a number of reasons... I know what he meant but that's beside the point... I'm not sure he knows what he meant. It has been proven time and time again that OSS isn't free and that it has operating costs associated with it, many times operating costs that are more expensive than their commercial alternatives. In other words, I don't agree with this article at all.

Thawte discontinues Web of Trust for free SSL certificates

thawte is discontinuing its personal email certificates. Nothing big, but worth pointing out. If you hold a valid thawte personal email certificate right now, you can sign up with Verisign for a free 1 year email certificate.

And those are the open tabs in my browser that I will now be closing.