UPDATE: SourceForge has removed the offending Binkiland software from its installer. Read the full story here. If you’ve been working with software for longer than five years, then you can remember a time when SourceForge was one of the pillars of open-source software. It used to be the only good place to go to find fresh …
OpenSSL has issued a new security advisory outlining more than a dozen issues ranging from high to low severity. On the heels of announcing a sweeping security audit of the now-stable OpenSSL codebase, the SSL/TLS security protocol underlying much of the Web’s encryption has published warnings for security …
Microsoft wants to kill the password in Windows 10. As part of its upcoming operating system release, Microsoft announced it will introduce a new biometric security technology called Windows Hello, allowing users to unlock their Windows 10 devices by scanning their face, iris or fingerprint. Windows 10 PCs will ship later this year with Intel’s …
Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the …
It has been almost a year since Telerik announced its cross-platform framework for Android, iOS, and Windows. Today, that NativeScript framework is finally making it into public beta. Valentin Stoychev, product line manager at Telerik, announced that developers can start using the framework to build native mobile apps with CSS and JavaScript. “We have been …
It was only a few short months ago that a vulnerability in the Xen Hypervisor resulted in problems for Amazon’s EC2. We called it the Amazonian apocalypse then, and the time has come for its sequel. Last time, as you may recall, servers were chunked into sections and given windows during which they needed to …
The concept was similar to other anonymous social media messaging platforms, like Yik Yak, Secret and Whisper. But when Preetham Reddy, lead developer for RezTech LLC in Phoenix, and his team built the Sipper location-based bulletin app, he learned a few hard lessons—as most fledgling app developers do. RezTech’s app experience, while not particularly unique, …
Since it was created in 2011, Storm has garnered a lot of attention from the Big Data and stream-processing worlds. In September 2014, the project finally reached top-level status at the Apache Foundation, making 2015 the first full year in which Storm will be considered “enterprise ready.” But that doesn’t mean there’s not still plenty …
More than 90% of data breaches occurring in the first half of 2014 could have been prevented, according to a report from the Online Trust Alliance (OTA). In its 2015 Data Protection Best Practices and Risk Assessment Guidelines, the OTA analyzed more than a thousand personally identifiable information breaches reported by the Open Security Foundation …
If there was one word that could best sum up the software security situation in 2014, it would be “Egad!” With major enterprises like Target, Home Depot and Sony getting not just hacked but completely compromised in 2014, what hope do smaller firms have at keeping the attackers at bay? Fortunately, things are already looking …
Software-defined networks and Network Functions Virtualization will redefine enterprise computing and change the dynamics of the cloud. Data thefts and professional hacks will grow, and development teams will shift their focus from adding new features to hardening against attacks. Those are two of my predictions for 2015. Big Security: As 2014 came to a close, …
Every year there are a number of vulnerabilities exposed and exploited, but 2014 was bad in terms of software security. In the beginning of the year, Cenzic revealed the latest results from its 2014 Application Vulnerability Trends report and found that a majority of apps have at least one security vulnerability; but it wouldn’t be …