After reporting out this month’s feature on software security, it strikes us that there appear to be parallels between companies selling security solutions and those selling pharmaceuticals. Those who take to conspiracy theories have argued for years that the pharmaceutical companies have no incentive to eliminate, say, cancer, because they would lose the massive profits … continue reading
In its 2015 report, the Open Web Application Security Project (OWASP) identified SQL injection and cross-site scripting among its Top 10 software vulnerabilities. Again. If it feels as if you’ve been reading this same story for the last decade, it’s because you have. So why is it that we can build intelligent robots, fling unmanned … continue reading
Software developers still reeling from the constant security failures throughout the open-source stack in 2014 can take at least some comfort from the proceedings at this year’s RSA Conference in San Francisco. Most of the solutions, talks and products discussed at the show are not focused on the developer-induced security flaws that caused such a … continue reading
Nokia has announced it is joining forces with Alcatel-Lucent in an effort to become an innovation leader and provider of technology and services for the IP connected world. The combined company would focus on providing connectivity for people, such as with the Internet of Things. “I am proud that the joined forces of Nokia and … continue reading
The Internet Society thinks the Internet could be better protected through cooperation and collaboration. The organization is releasing a Collaborative Security approach to help tackle cybersecurity issues. “People are what ultimately hold the Internet together,” the Internet Society wrote on its website. “The Internet’s development has been based on voluntary cooperation and collaboration. Cooperation and … continue reading
Hannover, Germany — “There are now as many pieces of digital information as there are stars in the universe.” That statement from the opening ceremony CeBIT 2015, held earlier this month, means that developers have their work cut out for them. IoT, Big Data and security were major themes at the event, which has successfully … continue reading
UPDATE: SourceForge has removed the offending Binkiland software from its installer. Read the full story here. If you’ve been working with software for longer than five years, then you can remember a time when SourceForge was one of the pillars of open-source software. It used to be the only good place to go to find fresh … continue reading
OpenSSL has issued a new security advisory outlining more than a dozen issues ranging from high to low severity. (Related: OpenSSL to undergo massive security audit) On the heels of announcing a sweeping security audit of the now-stable OpenSSL codebase, the SSL/TLS security protocol underlying much of the Web’s encryption has published warnings for security … continue reading
Microsoft wants to kill the password in Windows 10. As part of its upcoming operating system release, Microsoft announced it will introduce a new biometric security technology called Windows Hello, allowing users to unlock their Windows 10 devices by scanning their face, iris or fingerprint. Windows 10 PCs will ship later this year with Intel’s … continue reading
Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the … continue reading
It has been almost a year since Telerik announced its cross-platform framework for Android, iOS, and Windows. Today, that NativeScript framework is finally making it into public beta. Valentin Stoychev, product line manager at Telerik, announced that developers can start using the framework to build native mobile apps with CSS and JavaScript. “We have been … continue reading
It was only a few short months ago that a vulnerability in the Xen Hypervisor resulted in problems for Amazon’s EC2. We called it the Amazonian apocalypse then, and the time has come for its sequel. Last time, as you may recall, servers were chunked into sections and given windows during which they needed to … continue reading
