By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Linked List: June 24, 2008
Tuesday, 24 June 2008
- How to Protect Yourself From the New Mac OS X Trojans ★
-
Rich Mogull for TidBITS:
I almost avoided writing this story since I hate to add to the hype of low-risk threats like this. While I don’t doubt for a second that we’ll see serious Mac (and iPhone) security threats in the future, this one is pretty low on the list of things to worry about, especially if you don’t make a practice of downloading random software from unknown developers. But unlike many other Mac vulnerabilities, this one has already been weaponized and is starting to appear in the wild.
- Brian Krebs on Trojan Toolkit Based on ARDagent Security Hole ★
-
Leopard’s ARDagent — the background process that handles Apple Remote Desktop access — has a security hole, where it allows arbitrary AppleScripts to run as root, and, since AppleScript can execute shell scripts, arbitrary shell code to run as root too. Brian Krebs has uncovered proof-of-concept code that takes advantage of the hole.
- Adam Engst on Firefox 3 ★
-
For Mac users, Firefox 3 seems to be a polarizing release. Some, like Andy Ihnatko, simply love it. Others, like Johan Sanneblad, can’t get past its “better than Firefox 2, but still ersatz” non-native UI. I fall somewhere in-between. Adam Engst seems to, too, and his seems like a balanced review.
- New Round of Funding for Twitter ★
-
Biz Stone:
We’re happy to announce two new members of our investment team: Bijan Sabet with Spark Capital in Boston and Jeff Bezos of Bezos Expeditions in Seattle.
- WordPress 2.6 to Disable Remote Access by Default ★
-
MarsEdit author Daniel Jalkut on the WordPress team’s decision to disable remote API access by default in the name of security:
Also worth considering: if a service is disabled by default for security considerations, what message does that send to people who choose to, or who are encouraged to turn the service back on? It sets up a perception of insecurity which may not even be warranted. If the remote publishing interfaces are insecure, they should be fixed, not merely disabled!
- Jerry Seinfeld on George Carlin ★
-
Jerry Seinfeld:
His performing voice, even laced with profanity, always sounded as if he were trying to amuse a child. It was like the naughtiest, most fun grown-up you ever met was reading you a bedtime story.
- Om Malik on Nokia’s Symbian Acquisition ★
-
I’m curious why he’s so bullish on LiMo.
- Time to Kick GM Out of the Dow ★
-
GM’s market value is just $7.5 billion, the lowest, by far, of any of the 30 companies in the Dow Jones Industrial Average. By comparison, Cisco’s market value is $145 billion and Apple’s is $153 billion — which means they’re each worth about 20 times more than GM.
- Kerning and OpenType Features in Firefox 3 ★
-
Ralf Herrmann on the pros and cons of Firefox 3’s advanced typographic features. (Via Susan Everett.)
- Nokia Buys Rest of Symbian, Will Make Code Open Source ★
-
Mikael Ricknäs:
Nokia on Tuesday announced it plans to acquire all of Symbian, which develops an operating system for mobile phones. The Finnish phone giant currently owns about 48 percent and will pay €264 million ($410 million) for the rest.
- Bob Dylan on Abraham Lincoln ★
-
Ron Chester’s research tracing the “You can fool some of the people all of the time…” maxim to Abraham Lincoln. (Thanks to Rob Mientjes.)