Troy Hunt: Everything you need to know about the Shellshock Bash bug
Remember Heartbleed? If you believe the hype today, Shellshock is in that league and with an equally awesome name albeit bereft of a cool logo (someone in the marketing department of these vulns needs to get on that). But in all seriousness, it does have the potential to be a biggie and as I did wit…
Americans are renouncing citizenship after being forced out of bank accounts
Thousands of US Citizens abroad are giving up their citizenship as a new tax law holds foreign banks and its expatriates ransom.
Hasnain says:
"To avoid breaking any laws, Welch will have to renounce his US citizenship and file five years’ worth of tax returns as well as possibly thousands of dollars to the US government in taxes on income he earned in Canada. He will have to foot bills for airplane flights and miss out on wages – and that’s not counting the $2,350 fee to renounce a citizenship he never assumed in the first place."
This is nuts.
Posted on 2014-09-25T17:36:20+0000
Silicon Valley’s Contract-Worker Problem
An examination of tech's favorite labor model.
Hasnain says:
This is a really good read. All this explosive startup growth doesn't come for free: there is often a human cost behind it.
Posted on 2014-09-25T05:56:20+0000
Relativistic hash tables, part 1: Algorithms [LWN.net]
One might wonder whether the resizing of hash tables is common enough to be worth optimizing. As it turns out, picking the correct size for a hash table is not easy; the kernel has many tables whose size is determined at system initialization time with a combination of heuristics and simple guesswor…
Xen Security Advisories
xenbits.xen.org
Hasnain says:
"XSA-108 2014-10-01 12:00 none (yet) assigned (Prereleased, but embargoed)"
I wonder what it is this time, given that AWS is pre-emptively shutting instances down and telling users their instances will be rebooted.
Posted on 2014-09-25T01:56:38+0000
oss-sec: CVE-2014-6271: remote code execution through bash
seclists.org
Hasnain says:
Yay, another huge remote code execution vulnerability.
Posted on 2014-09-24T18:25:46+0000
Careful with that Buffer… | OS/2 Museum
Last week I was sorting through several sets of Microsoft C 5.1 disks from 1988 (more about that later). While I was comparing the disk images to see whether the disks were the same or not, despite different labels and part numbers, I did a double take when I realized that a file with random e-mail…
Hasnain says:
"Random memory fragments such as those listed here can be found on many IBM and Microsoft disks, but usually they contain bits of directories or executables, not plain text of e-mails."
"and we're going to KILL HIM WITH HAMMERS. Hahahahahahahaha.
And THEN we're going to ..."
Brave New Phone Call
Ray Ozzie’s new app Talko hopes to give people their voices back
Hasnain says:
"No matter what happens to Talko, it is remarkable that a pioneer from the floppy disk days has created one of the year’s most innovative mobile apps. Back in 2000, Bill Gates noted that, of the early visionaries of personal computing, very few were still in the game. “Except for Jobs and myself and Ray Ozzie, it’s not very many people,” he told me. Fourteen years later, Jobs is dead and Gates is no longer a full-timer at Microsoft.
But Ray Ozzie is still building. And he wants to reinvent the phone call."
Posted on 2014-09-23T18:56:56+0000
The colossal DEA failure that prevented a potentially major medical breakthrough
Once upon a time, researchers hoped to explore the promise of ecstasy for treating PTSD. Then the feds stepped in
Hasnain says:
"The drug that had been “mislabeled” as MDMA and proven so horribly toxic that it had stopped Michael’s study cold; the drug that was far more toxic than actual MDMA, methamphetamine, already was a prescription medicine."
Posted on 2014-09-22T19:14:00+0000
Shirky: Ontology is Overrated -- Categories, Links, and Tags
Clay Shirky's writings about the Internet, including Economics and Culture, Media and Community, Open Source
Hasnain says:
Long, and worth reading for anyone who works or is interested in ontologies and classification.
"They missed the end of this progression, which is that, if you've got enough links, you don't need the hierarchy anymore. There is no shelf. There is no file system. The links alone are enough."
"One of the biggest problems with categorizing things in advance is that it forces the categorizers to take on two jobs that have historically been quite hard: mind reading, and fortune telling. It forces categorizers to guess what their users are thinking, and to make predictions about the future."
Posted on 2014-09-22T02:54:00+0000