R/C cars can be tons of fun, but sometimes the fun runs out after awhile. [Gaurav] got bored of steering around his R/C car with its remote, so he built an interface that lets him control the car using two different motion-detecting devices. He built an HTML5 application for his iPad, which allows him to [...]

continue reading.....

Feng Office version 1.7.3.3 suffers from a cross site request forgery vulnerability.

continue reading.....

Collabtive version 0.6.5 suffers from cross site request forgery, cross site scripting, and directory traversal vulnerabilities.

continue reading.....

Debian Linux Security Advisory 2208-2 – The BIND, a DNS server, contains a defect related to the processing of new DNSSEC DS records by the caching resolver, which may lead to name resolution failures in the delegated zone. If DNSSEC validation is enab…

continue reading.....

Ubuntu Security Notice 1099-1 – Sebastian Krahmer discovered that GDM (GNOME Display Manager) did not properly drop privileges when handling the cache directories used to store users’ dmrc and face icon files. This could allow a local attacker to chang…

continue reading.....

Mono ‘loader.c’ Library Loading Local Privilege Escalation Vulnerability

continue reading.....

Mono/Moonlight Generic Type Argument Local Privilege Escalation Vulnerability

continue reading.....

Maker [Dino Segovis] has started on a project he calls “Hack a week” where he will be putting together one hack or project per week, for a full year. The first installment of his video series was finished just two days before April Fool’s, and appropriately enough covers the construction of a circuit you can [...]

continue reading.....

Supergamer is, as you might guess, a Linux distribution whose main focus is on gaming. It’s based on a lighter distributions, features a light desktop, and is chocked full of games and demos. It began life in the Spring of 2006 and was received with gr…

continue reading.....

A day after Google unveiled its “+1″ product, someone has already taken a close enough look at the code to track down an embeddable +1 Button.

Said button wasn’t supposed to be public yet – they essentially let people recommend any online content on Google search.

continue reading.....

This article over on the Websense blog is warning about a new mass sql-injection attack that they ha …(more)…

continue reading.....

Remember the early days of cellphones and carphones when they were super-bulky and all the rage? Those early handsets used analog technology for communications in a protocol called Advanced Mobile Phone Service (AMPS). As more customers flocked to wireless providers, networks were transitioned over to digital phones in order to save bandwidth. Some places still [...]

continue reading.....

Torvalds said that he considers 2.6.39 more of a solid version with a boring amount of progress – however, with ipset, the Xen network backend, as well as many new and improved drivers, the new kernel, which is expected to be released in late May or …

continue reading.....

Yes, it’s happened. Days after Jack Dorsey comes in to head product, the dreaded #Dickbar is dead.

From the Twitter blog:

“Rather than continue to make changes to the QuickBar as it exists, we removed the bar from the update appearing in the App Store today. We believe there are still significant benefits to increasing awareness of what’s happening outside the home timeline. Evidence of the incredibly high usage metrics for the QuickBar support this. For now, we’re going back to the drawing board to explore the best possible experience for in-app notification and discovery.”

Updating.

continue reading.....

I am often invited to small and medium sized Free and Open Source Software events, and I enjoy going to them. Some of these events have been taking place for almost a decade, happening every year without interruption. Others happen only one or two time…

continue reading.....

continue reading.....

continue reading.....

continue reading.....

continue reading.....

Linux Kernel Ptrace (CVE-2010-3301) Local Privilege Escalation Vulnerability

continue reading.....

Linux Kernel Econet Protocol Multiple Local Vulnerabilities

continue reading.....

The Perfect Desktop – OpenSUSE 11.4 (GNOME)

This tutorial shows how you can set up an OpenSUSE 11.4
desktop that is a full-fledged replacement for a Windows desktop, i.e.
that has all the software that people need to do the things they do on
their …

continue reading.....

Update: Or not. :( Yes, we have also seen the stories from F-Secure and GFISunbelt …(more)…

continue reading.....

The business office is where the Linux desktop should reign. Why? Linux is a reliable, stable, secure solution that would have any business user working day-in and day-out without fail. With an unheard of resistance to viruses, trojans, and worms, the …

continue reading.....

Net Security: Key security experts unfamiliar with DNSSEC

continue reading.....

Amazon.com just published my three star review of Computer Incident Response and Product Security by Damir Rajnovic. From the review:When I first learned that Cisco Press was publishing a book about product security (Computer Incident Response and Prod…

continue reading.....

Supergamer is, as you might guess, a Linux distribution whose main focus is on gaming. It’s based on a lighter distributions, features a light desktop, and is chock-full of games and demos. It…

continue reading.....

Amazon.com just posted my five star review of pfSense: The Definitive Guide by Christopher M. Buechler and Jim Pingle and published by Reed Media. From the review:I have to admit that pfSense: The Definitive Guide (pTDG) caught me off guard. I expecte…

continue reading.....

Secunia Security Advisory – A vulnerability has been reported in Cisco Secure Access Control System, which can be exploited by malicious people to bypass certain security restrictions.

continue reading.....

Secunia Security Advisory – Multiple vulnerabilities have been reported in the Translation Management module for Drupal, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct …

continue reading.....