Apple’s OSX iterations have been known to be some of the more securely designed operating systems on the planet. There is no real threat from viruses under OSX because of it’s strict use of access rights, built into it’s BSD base which regulates the access rights of every user on the system. However, basic security in their user interface could be compromised by a very simple, very useful feature known as “Spaces“, a feature lifted and rebranded from X Windows and Amiga (reference: Wikipedia), through a effective Denial of Service.
Continue reading ‘THEORY: Apple OSX Spaces Vulnerable’
A quick follow-up to the challenge MySpace is serving up to Apple with their music service, as I wrote about previously (reference: http://www.thereformed.org/2008/04/07/myspace-gambles-big-on-lost-cause/). As I stated before, I don’t believe MySpace will be able to capture a significant market share in an industry which is experiencing innovations per quarter from the company who established and arguably perfected the vary model industry leaders are salivating to get bigger a piece of and the major economic downturn (an obvious recession.. if it looks like a duck…) which is hitting consumers in the pocketbook. What this brief article addresses is the sheer, implausible numbers game that a small fish such as MySpace is facing in a private pond thats home to a big hungry shark. Continue reading ‘Apple Wins by the Numbers’
MySpace has matured the social networking portal more than any other provider, but how will they fair in the media market - specifically their venture in MySpace music? They’re going after the hallowed ground of Apple’s iTunes and I suspect that we might not necessarily see a failure (because MySpace’s user-base is so very large it can take the hit), but we can forsee that no notable, sustainable gains will be made - Apple’s loyalists will benefit from it extremely however. Why? Continue reading ‘MySpace Gambles Big on Lost Cause’
First article of the new year is in regards to the flourishing WebAppSec community and it’s guidance effort targeting developers and consumers alike. The threat of web application vulnerabilities is now a common-place theme in this new day. Over the last ten years, the advent of the information security community, something previously overlook, has been it’s gradual embracing of the need for web application security as data, handling and formatting become more dynamic. The community has turned itself 180-degrees from reactive to proactive, albeit without a widely adopted standardization in responsiblity / disclosure (which in itself has led to a significant uprise in baseless, malicious disclosures by the 13-year-old next door, savvy with his laptop and his illegitmate copy of AppScan). Continue reading ‘WebAppSec and Consumer Ignorance’
No, the title isn't what it seems to suggest (which, incidentally, is physically impossible as far as I know to have any sort of romantic, physical relationship with software, but who knows what those kids at Google are thinking up), just a play on words. Here, I go into a brief instructional dialog on how to get some free or lower cost gear using the Google Checkout API and it's associated 'offer'. Everyone likes free stuff right?
Continue reading ‘Make Out with Google Checkout’
I've become concerned with the ever increasing results of unintentional criminals being created by laws in the United States through no direct or intended fault of their own. Laws are meant to govern specific processes and act as guidance to maintain a functional society. They also provide a reference for penalties of violations in law and as such we're expected to abide accordingly. So what happens when the legislation becomes far too generalized in it's verbose definitions?
Continue reading ‘U.S. Code Gives Twenty for Free’
Well, maybe not so much. However, Google has been pretty light on the keys in fixing a cross-scripting bug that leads to some pretty serious consequences for us, the end-user. The flaw in the handling of the code can compromise our very online privacy that is being taken from us at a snails pace as time goes on. The term is 'Phishing' and it is spreading online like an epidemic of Biblical proportions.
Continue reading ‘Google + XSS = Destruction of Mankind?!’
