One of the greatest benefits of open source software is associated with the concept of ownership. When considering your datacenter, or, for that matter, your own computer, the software that brings the machines to life must be understood in the light of…

continue reading.....

I read an interesting article this morning that suggested Apple would change its mind and put Adobe’s Flash technology on its iOS devices within a year. I don’t think that’s going to happen.

In an open letter to users, Apple CEO Steve Jobs gave several reasons why he didn’t want Flash on the iPad, iPhone or iPod touch. They are: Flash isn’t open; the full web; reliability, security and performance; battery life; and touch.

Adobe began shipping Flash Player 10.1 for Mobile last June, but even Laptop magazine admitted that “Steve Jobs was right,” and that “Adobe’s offering seems like it’s too little, too late.” Granted, that report was from six months ago, but it still doesn’t bode well for the technology. There is no doubt that Adobe is making advances with Flash on mobile devices, but I don’t believe future changes will be enough to get Apple to adopt the technology.

continue reading.....

DO-CMS suffers from multiple remote SQL injection vulnerabilities.

continue reading.....

(Posted 28 Feb 2011 by falko)

continue reading.....

WeeChat suffers from an invalid certificate verification vulnerability.

continue reading.....

Quick N Easy FTP Server version 3.2 denial of service exploit.

continue reading.....

The latest robot out of Nolebotic is Al.I.S.E, or Aluminum, Infrared Scanning Entity. Don’t let the name fool you, its a pretty simple take on the classic hexapod walking platform using a crank arm and leavers made into the legs. The body of the robot is made out of aluminum which is pretty easy to [...]

continue reading.....

Magic Music Editor denial of service exploit that creates a malicious .cda file.

continue reading.....

Vulnerability Summary for the Week of February 21, 2011

continue reading.....

PHP versions 5.3.5 and below are susceptible to a denial of service condition in the Exif extension exif_read_data() function.

continue reading.....

Imageview version 6.0 suffers from a directory traversal vulnerability.

continue reading.....

[url=http://lxer.com/team.php][img]http://lxer.com/content/Scott_Ruecker.jpg[/img][/url] [b]LXer Feature: 28-Feb-2011[/b]Due to some family issues I was unable to spend nearly as much time at SCALE 9x as I wanted too but from what I did get to see it w…

continue reading.....

Lighttpd is a secure, fast, standards-compliant web server designed for speed-critical environments. This tutorial shows how you can install Lighttpd on a Debian Squeeze server with PHP5 support (through FastCGI) and MySQL support.

continue reading.....

I think we can all agree, there are few things that go better with hacking everything than beer. [Tom] has taken his love for beer and building things, fusing them together in a DIY kegerator. Using an off the shelf mini fridge and some easy to find beer serving components, he walks us through the [...]

continue reading.....

Join us for a Free Webcast on March 22

James egyp7 Lee takes participants in a technical deep-dive through the new features of the free and open source Metasploit Framework version 3.6 (http://www.rapid7.com/products/metasploit-framework.jsp), foc…

continue reading.....

WSN Guest version 1.24 suffers from a remote SQL injection vulnerability in the time parameter.

continue reading.....

Quite often businesses view alternatives if products or services offer better Return on Investment. Open Source is one such option that is often debated in terms of better returns, lower operational costs and of course minimum breakeven time depending …

continue reading.....

We received several fantastic entries. We laughed, we cried, we stared at our monitors in confusion, it was fantastic. Now we’re here to announce the winners of the Santa-Pede contest. If you recall, the rules were pretty simple. Aquire a dancing santa (or other holiday dancing annoying toy thingy in the same fashion), tear it [...]

continue reading.....

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other to…

continue reading.....

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, s…

continue reading.....

“I Need A Doctor” is the second single from Dr. Dre’s upcoming album Detox, which has been in development, I think, for 400 years. It feel like that anyway. You’ve seen the Grammy performance, but have you seen the official music video? More importantly, have you seen the blindingly obvious product placement featuring good ol’ HP?

As Matt and I were just discussing in the official CrunchGear chat room, how bizarre is it to see an HP tablet save Dr. Dre’s life? You’ve got some fantastical floaty semi-transparent manifestation of Skylar Grey, then, out of nowhere, it’s an HP tablet. Makes sense. (Fast-forward to 4m15s if you want to skip directly to the tablet.)

A fine way to start your week.

continue reading.....

HP Security Bulletin HPSBPI02635 SSRT100391 – A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web J…

continue reading.....

continue reading.....

continue reading.....

iRedMail 0.7.0: Open Source Mail Server With Postfix, Dovecot,
Amavisd, ClamAV, SpamAssassin, RoundCube On Debian Squeeze (Debian 6.0)

iRedMail is a shell script that lets you quickly deploy a
full-featured mail solution in less than 2 minutes. Its …

continue reading.....

continue reading.....

continue reading.....

[Bob] has been busy lately putting the finishing touches on three different projects that he plans on entering into the 555 Design Contest. His first entry is a low-power H-bridge, which can be used to drive small servos. While he admits that it is a bit odd to build use a 555 timer to construct [...]

continue reading.....

phpMyAdmin versions 3.3.9 and below suffers from brute force and path disclosure vulnerabilities.

continue reading.....

(Posted 28 Feb 2011 by Ray)

continue reading.....