Troy Hunt takes a mocking look at a couple of security totems of the “friendly-looking graphic on your website proves it is invulnerable” variety.
This leads me to believe that I need to design a friendly-looking graphic and charge people to display it on their sites. This sounds like a great racket to me, just like Verisign and Symantec.
Microsoft’s Windows Store patching strategy is problematic. Well, to put it a little bit better, it’s a step back from the older updating strategy. This new strategy can work for desktop and mobile applications, but for a business environment, the ability to determine patch levels and roll back patches quickly is vital. The Android and IOS store updates are fine for consumer-grade products that non-technical people use, but if Microsoft releases a patch which, say, causes machines no longer to boot (like they did recently), businesses need to roll that thing back immediately.
Hopefully Microsoft is able to incorporate their standard, well-known, and working patch strategy into Windows Store, rather than trying to simplify things at the expense of businesses.
Courts have upheld a $222,000 fine for sharing 24 songs. This punitive fine is radically outsized considering the harm (if any) the sharing of these 24 songs caused. Republican politicians interested in capturing a larger percentage of Millenial voters should take this as an opportunity to revise existing copyright law and change damages to be representitive of provable losses. Ideally, I’d consider “provable losses” to be the market value of whatever copyrighted material a user is sharing. In the event that an item is not currently being published or distributed—for example, pirating a copyrighted book which is out of print—a nominal charge of a few dollars would apply.
Other (possibly superior) alternatives include limiting copyright to 3-7 years depending upon the medium, or eliminating copyright altogether.
Only 11 billion to go. This is, admittedly, an optimistic estimate.
A likely take on the Hack in the Box presentation regarding owning a plane. The very short version: finding a security vulnerability in flight simulator software does not necessarily mean that this is a vulnerability in the actual airplane software. I do believe that this is worth investigating and was worth presenting at Hack in the Box—it is, after all, a very interesting concept and the presenter was able successfully to perform this exploit.