New vulnerabilities in the SQLite database engine affect a wide range of applications that utilize it as a component within their software packages. The attacks are coming from inside the database!
|
I've read up on Magellan and now this and I have yet to see ANY explanation of how these can be used to execute code. In every explanation, code is already being executed in a Chrome container. SQLite is forced to crash that container and then magic happens. (Every article seems to simply repeat Tencent's claims verbatim. Moreover, this is very specific to Chromium; if your app allows SQL injection, you have way more problems to worry about, but even then it doesn't result in the App magically executing actual foreign code.)
|
Plus, I think it’s fixed in Chrome, and the likelihood of someone even trying the overflow in something else is pretty unlikely.
I agree that “the holes you make are bigger than the holes the press warns about” (I really need to work on that bumper sticker aphorism. Not “sexy” enough yet.)
TTFN - Kent
|
Details for 2.4 million users were exposed online for 22 days. Just in time for all those new security cameras that just went online
|
ZDNed enthused: Song showed his dissatisfaction with how the two parties, Twelve Security and IPVM, handled the data leak disclosure, giving Wyze only 14 minutes to fix the leak before going public with their findings.
Now, there really need to be laws about that.
Fair enough, it's possible, with many people working on and through servers, that a server can become exposed by mischance, miscalculation, or inexperience, but that is not as big a threat as some bloody idiot posting about it on Twitter, letting the whole world know about it before the error can be corrected.
Giving the support team 15 minutes before releasing to Twitter -- on Boxing Day! -- can only be interpreted as a malicious act.
There should be legal consequences for such stupid and dangerous behaviour.
Twelve Security and IPVM.com are well and truly in my bad books.
I wanna be a eunuchs developer! Pass me a bread knife!
|
The resolution establishes an expert committee representing all regions of the world “to elaborate a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.” That should solve everything, as all UN solutions do
{not}
|
Does this mean that half the CIA and NSA will have to go directly to jail, without passing Go?
I wanna be a eunuchs developer! Pass me a bread knife!
|
They'll rewrite the treaty to exempt themselves
|
I think it's safe to assume that any proposal supported by Soviet-"we don't extradite our cyber criminals ever"-Russia will do less than nothing to actually make the situation better.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
Kent Sharkey wrote: That should solve everything, as all UN-do solutions
FTFY
M.D.V.
If something has a solution... Why do we have to worry about? If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
A team based at Princeton University has demonstrated that two quantum-computing components, known as silicon "spin" qubits, can interact even when spaced relatively far apart on a computer chip. "Long long distance love affair, I can't find you anywhere"
|
So, essentially, they've invented the optical telegraph, but smaller than is required for Kiddicraft sets.
I can't help but wonder how they're supposed to get hundreds of thousands of single protons into hundreds of thousands of tubes that pass through one-to-many layers of the chips during manufacture, but, thankfully, that's not my problem to solve.
I wanna be a eunuchs developer! Pass me a bread knife!
|
One browser in particular is still causing headaches for web developers. Here's a hint - it starts with an 'I', and ends with an 'E'
But only because no one needs to support Safari.
Oh, and all the mobile devices.
And email webviews.
This complaint views best on Netscape Navigator 2!
|
So, wonder of wonders, the browsers that webdevs hate are minority browsers that still have not-unsubstantial followings.
The take away from this is that webdevs want there to be one, and only one, browser, because it would make their life easier -- and bollocks to users' preferences.
Here's a tip, webdev guys: making sites multi-browser compatible IS PART OF YOUR F***ING JOB!
Stop bitching about it, and do what you're paid for - or would you prefer that we all go out and hire 14-year-old whizz-kids who can only handle one browser?
I wanna be a eunuchs developer! Pass me a bread knife!
|
I'm fortunate - our web sites only support edge/chrome.
What I hate about my job is that we are so restricted in terms of connectivity and tools because of absurd/arbitrary/pointless security concerns. For instance, they've disabled the Dev tools in chrome so we can't examine the production web sites when something goes sideways. F*ckin absurd...
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
So they took away the tedium of having to make the sites compatible with multiple browsers, but found a way to add it back.
Sounds about normal. The fates seem to have decreed that getting a break is a swings and roundabouts thing.
I don't see how the security thing works there, though. They can only disable dev tools of browser instances that they have admin control over, so you don't get the dev tools, but everyone outside the building does?
I wanna be a eunuchs developer! Pass me a bread knife!
|
Nah, they bitch about the move towards an “all Chrome” world as well.
TTFN - Kent
|
Yet more proof that my missus should have been a webdev.
I wanna be a eunuchs developer! Pass me a bread knife!
|
Mark_Wallace wrote: compatible IS PART OF YOUR F***ING JOB!
Stop bitching about it, and do what you're paid for -
Good point. No one should ever complain about any part of their job.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
ZurdoDev wrote: Good point. No one should ever complain about any part of their job.
It's a matter of degree. The difference between medicine and poison is the dosage.
I wanna be a eunuchs developer! Pass me a bread knife!
|
Very true. However, it is also a matter of perspective and point of view. I have been doing web development for 20+ years and I don’t seem to have the same opinion of web developers as you do or the same experiences.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
ZurdoDev wrote: I don’t seem to have the same opinion of web developers as you do
How would you know that, given that I haven't stated an opinion?
I wanna be a eunuchs developer! Pass me a bread knife!
|
I think you have been drinking too much bubbly. Your opinion is that they complain too much. That is what I was addressing.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
I wish that people would read the words that I write, rather than decide what I'm thinking.
At no time do I say, or even imply, that that is my opinion.
Read the words.
I wanna be a eunuchs developer! Pass me a bread knife!