Similar to my previous blog entry, this is a blog about a lad who discovered a vulnerability and disclosed it to the company running the site. In this case, a Russian lad had discovered a way to remove any video from YouTube.com (a big deal, obviously). This was done with a simple request made by the user:
In response to the disclosure of this bug, Google rewarded $5,000. A small reward for such a massive flaw in the system, at least in my opinion.
Laxman had discovered a security vulnerability on Facebook.
“The vulnerable part is, it just checks the owner of the access token and not the application which is making the request. So it allows any application with user_photos permission to read your mobile photos.”
The vulnerability allows for a user to see the photos you have privatized on your mobile device. Laxman reported this vulnerability and explained how he got there. Facebook responded by rewarding him with $10,000 and putting him on a white-list. It pays to know a thing or two about computer security.
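A small model of the check described in the quote, added here as an illustration and not taken from Laxman's report or from Facebook's code. The app IDs, album kinds and function names are hypothetical, and the allow-list in the hardened check is an assumption about one way to make the requesting application part of the decision.

```python
from dataclasses import dataclass

# Constructed model: every name and ID below is hypothetical, not Facebook's API.
FIRST_PARTY_APP_ID = "app-official-mobile"   # only client meant to read synced photos
SYNCED_ALBUM_KIND = "mobile_sync"

@dataclass(frozen=True)
class AccessToken:
    user_id: str          # owner of the token
    app_id: str           # application the token was issued to
    scopes: frozenset     # permissions the user granted to that application

@dataclass(frozen=True)
class Album:
    owner_id: str
    kind: str             # "mobile_sync" or "regular"

def can_read_owner_only(token: AccessToken, album: Album) -> bool:
    """Flawed check from the quote: looks at the token's owner, never at the app."""
    return token.user_id == album.owner_id and "user_photos" in token.scopes

def can_read_app_bound(token: AccessToken, album: Album) -> bool:
    """Hardened check: the requesting application is part of the decision."""
    if token.user_id != album.owner_id or "user_photos" not in token.scopes:
        return False
    if album.kind == SYNCED_ALBUM_KIND:
        return token.app_id == FIRST_PARTY_APP_ID
    return True

def audit(tokens, album, check):
    """Return the app_ids that a given check lets read the album."""
    return sorted(t.app_id for t in tokens if check(t, album))

# Constructed sample data: one synced album and four tokens.
ALBUM = Album(owner_id="alice", kind=SYNCED_ALBUM_KIND)
TOKENS = [
    AccessToken("alice", FIRST_PARTY_APP_ID, frozenset({"user_photos"})),
    AccessToken("alice", "app-third-party-quiz", frozenset({"user_photos"})),
    AccessToken("alice", "app-no-photo-scope", frozenset({"public_profile"})),
    AccessToken("bob", FIRST_PARTY_APP_ID, frozenset({"user_photos"})),
]

if __name__ == "__main__":
    print("owner-only check allows:", audit(TOKENS, ALBUM, can_read_owner_only))
    print("app-bound check allows: ", audit(TOKENS, ALBUM, can_read_app_bound))
```

Running the same audit against both checks in a test suite is a cheap regression guard: any new resource type that should be restricted to one client shows up as an unexpected app ID in the result.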
In my experience, most people who go to purchase a new smartphone are not thinking about hardware. No one thinks about hardware because most people know so little about hardware. Apple knows this. Samsung knows this. Google knows this too, which is why so many major companies are trying their best to push their cloud services out into the market. If you sell a phone with low storage and pretend that including more storage would cost a lot more to produce, then people become forced to use some kind of cloud storage. If the phone they purchased comes with the manufacturer's cloud software already installed, the user will be more likely to use that service. This is why Samsung is moving away from the removable battery and external SD card slot with their newest flagship (Galaxy S6), as shown here:
If companies like SanDisk keep pushing the envelope with their outstanding hardware developments, like a 200GB microSD card slot, don’t you think customers will become more hardware-aware? I’m not so sure.
Wikipedia is suing the NSA. The organization with all of our public knowledge is suing the organization with all of our private knowledge. Is now the time for other massive companies and organizations to make a stand?
This week US Rep. Marsha Blackburn filed legislation under the name of “Internet Freedom Act” in an effort to “overturn the Federal Communications Commission’s new network neutrality rules”. This is especially interesting to me since Blackburn received “$25,000 from an AT&T political action committee (PAC), $20,000 from a Comcast PAC, $20,000 from a cable industry association PAC, and $15,000 from a Verizon PAC, according to the Center for Responsive Politics.” This means that she is essentially promising the complete opposite of what is actually happening. Another case of a politician cashing in for personal gain while hiding behind a mask of “freedom”.
The sentence that irritated me the most was this: “Once the federal government establishes a foothold into managing how Internet service providers run their networks they will essentially be deciding which content goes first, second, third, or not at all,”
I seriously do not understand how a person can read that and think “oh look, freedom”.
Using this source, you can set up your own attack map. This provides a graph that shows any IPs attacking your system. The map itself looks like this:
The map also comes with sound effects.