(Posted 28 Feb 2011 by Ray)
Security Revealed
Ruby "#to_s" Security Bypass Vulnerability

Amazon still refuses to share how many Kindle devices it has sold to date, short from saying it’s the best-selling product in its history, but you can be sure it will become a whole lot more really soon.
AT&T this morning announced it will begin selling the Kindle 3G digital publication reader in company-owned retail stores across the United States, beginning March 6.
In Part 3, you learned how to accept, open and close tickets, and use the OTRS interface to communicate with customers and internal team members through the ticket resolution workflow.
All this talk about 555 timers is causing projects to pop out of the woodwork like this one that reverse engineers a shopping cart security mechanism. The wheel seen above listens for a particular magnetic signal and when encountered it locks down the yellow cowl, preventing the wheel from touching the ground and making the cart [...]
We have received a report from one of our readers that their Cisco IPS are picking up a large amount …
David Neal, V3.co.uk, Monday 28 February 2011 at 11:53:00
Hackers increasingly targeting Apple systems, says security firm
Security firm Sophos has uncovered a backdoor Trojan aimed at the Mac OS X
operating system. The hack is unfinished and on…

A couple of months ago, an SEC filing unveiled that Scott Lipsky, one of Amazon’s first executives ever and later founder of aQuantive (acquired by Microsoft for a cool $6 billion in 2007) was up to something new. His new startup, PhotoRocket, is all about ridiculously easy photo sharing from multiple devices, and it will be formally introducing its service at the DEMO conference later today.
I had a chat with Lipsky and PhotoRocket CEO (and former VP at Yahoo) Gary Roshak ahead of the launch presentation, and came away impressed with the product and its potential.
Elecard MPEG Player ‘.m3u’ File Remote Stack Buffer Overflow Vulnerability
This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session. Features Multiplatform support – tested on Windows, Linux and Mac t…
Let’s just face it, being a geek girl on the internet sucks. Even if you’re relatively smart and a woman your lot in life is basically relegated to this unless you’re Oprah. My point is that there’s never really been a successful and lasting site targeted only to nerd girls (Village Voice Media’s* Heartless Doll tried to no avail until it entered the deadpool last May). Dan Abrams and the folks behind Mediaite are trying to break this curse, with today’s launch of The Mary Sue.
This program is an “inotify cron” system. It consists of a daemon and a table manipulator. You can use it a similar way as the regular cron. The difference is that the inotify cron handles filesystem events rather than time periods.
A lot of people seem to be having problems with proper redirection of ‘sudo command’ to a file. So many would rather ‘sudo -s’ than understand why ‘sudo command > output’ does not work. Wait no more, I shall tackle this problem and explain it t…
Although you have exchanged public keys with your remote server to avoid that boring bit of entering your super long secure user password every time you are about to log in, you still need to face ssh syntax in order to get something done. Yes, it is just si…
Friday, my server was purring along just fine, and then it stopped. I thought it was a power supply problem, but as I was trying to determine if the power supply was still working, I saw a small orange flash. The next power cycle attempt also got a bit …
Lots and lots of buzz today in all the major newspapers about how J.P. Morgan is trying to buy 10% or so of Twitter for $450 million.
As far as I can tell, all of the stories are wrong. In particular, say my sources, Twitter isn’t negotiating with anyone – J.P. Morgan or otherwise – about a new funding round. The last round with Kleiner Perkins seems to have more than satisfied their near term capital appetite. Also, J.P. Morgan isn’t currently trying to buy Twitter shares through the secondary market, either, say my sources. That’s because they already indirectly own 10% of Twitter.
Here’s what’s really going on, as far as I can tell from sources:

Founded by Rich Morrison and Jud Gardner, Y-Combinator backed Comprehend Systems is launching the first iteration of its comprehensible data analysis platform today, Comprehend Clinical. Comprehend Clinical’s browser friendly interface allows its clients to analyze the results of clinical drug trials across multiple data sources, combining that stored in diverse data structures and databases.
In the same space as Sas Institute and Pitco, Comprehend Clinical attempts to empower people bringing drugs to market to “ask the questions they need to ask.” When you’re dealing with lengthy drug studies you need to know whether the drug is safe and effective, and whether people are dying, as soon as possible. “A clinical study lasts four years, who uses software that’s seven years old. By default you’re going to have to interface a lot of stuff,” says founder Rich Morrison.
Linux Kernel ‘FBIOGET_VBLANK’ IOCTL Local Information Disclosure Vulnerability
[Erich aka VK5HSE] performs quite a bit of solder reflow work, but has always been concerned about bumping his circuit boards once the solder has liquified and is ready to be removed from the heat source. He says that removing workpieces from toaster ovens often results in the unintentional jarring of a circuit board full [...]
For any retailer that is selling goods online, it is incredibly important to be able to retain customers and identify when purchasers are about to leave a site. While many online retailers and companies develop these analytics in house, there is a need for a simple application that smaller shops can use to determine behavior of visitors. Today, Y Combinator-backed Custora is launching a SaaS that tells online retailers and web apps which of their customers are most valuable, and suggests actions to keep them.
The startup is best described by its tagline: “Google brings you customers. We keep them around.” For retailers, the software can analyze order logs and distinguish between customers that simply haven’t ordered anything for a while, and customers who have left the site. The application also manages and optimizes email campaigns to keep customers engaged.
[Jay] sent us some details of a quick fix for a baby swing he owns, along with the unlikely place where he found replacement parts. We showed you a pair of his creations earlier this week, which you might recall. As luck would have it, the motor on the baby swing he modified burned out [...]
Elecard AVC_HD/MPEG Player version 5.7 buffer overflow exploit that creates a malicious .m3u file.
Installing Nginx With PHP5 And MySQL Support On Debian Squeeze
Nginx (pronounced “engine x”) is a free, open-source, high-performance HTTP server. Nginx is known for its stability, rich feature set, simple configuration, and low resource consumptio…
Hack-a-Day reader [Bobbie] sent us a hack that is an adaptation of the automatic cell phone button pushing machine we featured earlier this week. Inspired by that project, he challenged himself to construct a more efficient way to tackle the problem. He started out in much the same fashion, pointing a camera at the phone [...]
[BadWolf] sent us a device called the “Bacon Beacon”, which is his 555 Design Contest entry. In short, it’s a life-saving device that emits an S.O.S. signal in Morse code over both the AM and FM bands. The device uses five 555 timers to get the job done, each of them dedicated to a specific [...]
What is your real name? That’s my new favorite comment on TechCrunch, where many of its readers hide behind phony names and email addresses. Apparently it’s not considered appropriate to challenge such geniuses about their real identity. Could be similar to talking about “open” and “Web” as though they have magical properties of goodness and well-being. Or not.
Nasty comments and identity baiting are in and of themselves minor irritations, best left to swift deletes or just plain not caring. Facebook and even Twitter mostly get around this problem by requiring a registration to play along, but the earlier generation of blog posts and even RSS encourage anonymity in reading mode. No reason why we should be forced to identify ourselves in order to consume a page; the problem comes if we want to respond on a level playing field in comments.
But take “what is your real name?” and apply it to other things besides blog posts. Say you’re in a meeting and the guy to your right has been verbose but unintelligible for over an hour. You ask: “What is your real name?” This will be viewed as a hostile interruption if taken literally, so it’s important to smile broadly and giggle in an “I’m laughing with you, not at you” posture. If the question is treated as a non sequitur, you need to drop the smile and look earnest with a hint of stupidity. After all, adopting comment dynamics to the real world is a complicated strategy.
The Chronos watch from Texas Instruments is a handy little piece of hardware if placed in the right hands. If you are not familiar with the platform, it is marketed as a “wearable wireless development system that comes in a sports watch”. In plain English, it’s a wearable wireless MCU mated with a 96 segment [...]
Debian Linux Security Advisory 2174-1 – It was discovered that avahi, an implementation of the zeroconf protocol, can be crashed remotely by a single UDP packet, which may result in a denial of service.
Debian Linux Security Advisory 2173-1 – It was discovered that pam-pgsql, a PAM module to authenticate using a PostgreSQL database, was vulnerable to a buffer overflow in supplied IP-addresses.
