This timeline of the discovery of a critical flaw in Mozilla is amazing. It took a scant 31 hours between the moment the bug was first reported to the moment that you could download a patched version of all different Mozilla flavours and derivatives.
July 7 - 13:46 GMT - Keith McCanless files a bug in the Bugzilla Database reporting a new vulnerability. It exploits the windows "shell:" handler and allows a malicious web page to execute a program on a client's computer (The program has to already be present on the computer). McCanless notes that the bug is "BOTH a security concern and a DOS," since if the link points to a nonexistent file, it makes the Mozilla browser spawn off endless amounts of new windows. The bug is marked private since it is security-related; only developers with proper clearance can see it. (source)...
July 7 - 18:16 GMT - Mozilla developer "timeless" creates patch closing vulnerability. He posts the patch on the Bugzilla Database so that other developers can approve it. (source) The bug had been known to the world for a matter of hours before a patch was created to fix it
David Robinson used the data from the 28,657 people who self-selected to take the Stack Overflow survey to investigate the relationship between programmer pay and the conventions of using either tabs or spaces to mark indents, and found a persistent, significant correlation between using spaces and bringing home higher pay.
It’s the end of an era, sort of: Fraunhofer IIS, the developers of the MP3 audio compression format, announced that they are ceasing their licensing program. In a blog post, spokesman Matthias Rose says that it’s had a good 20-year run and is obsolete. But it’s also true that the decoding patents expired last year, […]
Freddy deBoer writes that he’s been telling the same joke for years about Silicon Valley’s only product, which might be universalized as “At last, a way to verb with nouns on the internet!” But the social-media techopoly is stable, now, and so the venture capitalists have moved on to the three terrible trends that will […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]
As the old saying goes, “You should sit in meditation for 30 minutes every day. Unless you are too busy, in which case you should meditate for an hour.” Since most of us have an endless list of things to do and people to see, carving out quiet time can feel impossible, especially when most […]
The Bragi Dash Truly Wireless Smart Earphones are far more than your run of the mill Bluetooth earbuds. While the earpiece design makes these earbuds ideal for exercise and activity, and passive noise cancelling is conducive to a more serene listening experience, these buds go well beyond just playing music.First of all, they can actually […]