News (410)

Firefox 2 support to be cut off

The Mozilla Foundation is planning to end support for the Firefox 2 browser in mid-December, despite the persistence of significant flaws in the most-recent version of the popular browser. Read more »

Microsoft explains seven-year patch delay

Microsoft has offered an explanation as to why it took the company seven years to issue a patch for a known vulnerability. Read more »

Researcher warns of Android browser vulnerability

A flaw exists in the Google-led Android mobile platform that could let users be tricked into visiting malware-laden websites and unwittingly have their keystrokes recorded, The New York Times has reported. Read more »

Microsoft RPC exploit could be a packaged deal

While Microsoft has labeled Thursday's emergency patch MS08-067 as "critical" and provided a rare out-of-cycle fix because its exploit could easily be used as a worm on a compromised network, one security researcher doesn't think it will happen that way. Read more »

Adobe addresses Flash Player 'clickjacking' flaw

Adobe has addressed a security flaw in its Flash Player products that could lead to 'clickjacking' attacks. Read more »

TCP flaw threatens Web servers

Two researchers in Sweden have found multiple flaws in the TCP stack that could lead to massive denial-of-service attacks if exploited. At present there is no workaround and there are no patches available. Read more »

Governments urged to lay foundation for SaaS

The best guardians of the underlying architecture are governments, a Salesforce.com executive said. Read more »

Microsoft fixes eight critical flaws with four patches

Microsoft on Tuesday released its September 2008 security bulletin summary. The four bulletins concern Windows GDI+, Windows Media Player, and Microsoft Office OneNote. All are rated critical by Microsoft. There is no cumulative patch for Internet Explorer this month. Read more »

AMP re-thinks secure development

Australian financial services giant AMP has re-thought the way its information technology security team relates to the rest of the business as a result of the industry's increasing reliance on Web applications to deliver services. Read more »

Microsoft attacks potential VMware feature

Senior Microsoft security strategist Steve Riley last week criticised virtualisation rival VMware for an idea that could see virtualised operating system images patched while they were still running in memory. Read more »

Features (78)

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability

A recent vulnerability was found in the OpenSSL package as provided by Debian and Debian-based Linux distributions, such as Ubuntu, that broke the effectiveness of the OpenSSL PRNG (Predictable Random Number Generator). Read more »

Fix Linux when it won't start

No OS is 100 percent foolproof. Eventually, even Linux may not boot one day when you want it to. Read more »

When will Microsoft fully embrace Web standards?

I recently revisited the issue of using Web standards when working with Microsoft SharePoint 2007 and Outlook 2007. The products' lack of adherence to Web standards was surprising given the advancements incorporated in Internet Explorer 7. Read more »

Extract high quality MapPoint images using VB.NET

Extracting a quality MapPoint image requires some programmatic footwork via Microsoft Office Document Imaging and the .NET Framework. Read more »

Gosling looks down Sun's open road

James Gosling discusses Sun's decision to release Java under the General Public License, whether open source is more secure than proprietary software, how IT departments can cut development costs, and why Microsoft still owns the desktop. Read more »

Regular expression substitutions in Perl

Substitutions using regular expressions are perhaps the most powerful tool at your disposal when dealing with text. In this primer, Builder AU's Nick Gibson will get you up to speed on using substitutions in Perl. Read more »

Why does process improvement fail?

It's clear, both anecdotally and objectively, that process improvement efforts have failed far more often than they have succeeded. Read more »

Understanding the pros and cons of the Waterfall Model of software development

Waterfall development is a software development model involving a phased progression of activities, marked by feedback loops, leading to the release of a software product. This article provides a quick and dirty introduction to the model, explaining what it is, how it's supposed to work, describing the six phases, and why the model can fail. Read more »

Is IT certification still relevant for developers?

The IT certification landscape has drastically changed over the years. It was once considered the measuring stick for IT knowledge; is this still true? Read more »

Blog (9)

Lack of turn out shows Linux's crossover

Staff [blogs:syslog] -- This week's Roundup looks at the lack of excitement surrounding this year's LinuxWorld conference, Dan Kaminsky has finally revealed the details of his DNS flaw and we take a look at the new features to come in Firefox. Read more »

You've got patched flaws!

Staff [blogs:syslog] -- Patents and Symantec were made to look very silly this week. Microsoft said that open source was a bigger threat than Google and no prizes for guessing which month the final version of Firefox 3 will appear in. Read more »

Discover what you already knew

Staff [blogs:syslog] -- Have you ever thought the metrics measured against you as a code monkey to be unfair or a waste? Well you could be right. Read more »

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote JavaScript code or, by tapping into Firefox's chrome engine, to execute remote code of any kind. Read more »

'Tis the season for Python hacking

Nick Gibson [blogs:byteclub] -- Python founder and benevolent dictator Guido van Rossum, now of Google, announced on the Python developer lists the second annual Python Sprint at Google. The result should be an initial alpha of the Python 3000 interpreter. Read more »

Anti-Virus software hit with 6 critical vulnerabilities

Staff [blogs:syslog] -- Kaspersky Labs announced over Easter that their latest maintenance pack fixes six critical security vulnerabilities in their anti-virus software. The security flaws affect the Anti-Virus 6.0 and Internet Security products, including both the workstation and server editions. Read more »

What to expect from Rich Internet Applications

Matt Overington [blogs:bricksandmortar] -- I had a look this week at what the developers claim to be the world's largest Adobe Flex application. Read more »

Another day, another patent threat

Brendon Chase [blogs:codemonkeybusiness] -- Planning on building an AJAX application that will be hosted in the United States? First, you may need to pay for a licence if the latest patent debacle is enforced. Read more »

Buffer Overflows still an issue

[blogs:] -- Developers are saying they've heard enough about buffer overflows and they know how to prevent them. OK, then why are we still seeing them? There is still unmanaged code out there, and we still need to pay attention to how we write it. Read more »


  • Staff Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weaves in Senate Question Time. Read more »

    -- posted by Staff

  • Brendon Chase Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun, the company has pushed out a new release of its Netbeans open source IDE with an eye to appealing more to Web developers. Read more »

    -- posted by Brendon Chase

  • Renai LeMay BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay
