Feeds

* Posts by Jan Ingvoldstad

5 posts • joined 9 Jan 2009

Spectra builds MONSTER TRUCK of tape libraries

Jan Ingvoldstad
Linux

Imagine a Beowulf cluster of those!

Sorry, sorry, this just hasn't been said in a long time, has it?

I'll get my coat.

0
0

Thousands of WordPress sites commandeered by Black Hole

Jan Ingvoldstad

TimThumb is not a WordPress plugin.

It is more commonly a part of themes and other WordPress plugins, so you won't know that your TimThumb is out of date. You have to trust that the WordPress plugin creators provide an updated version.

Unfortunately, many of the plugins and themes using TimThumb are commercially paid editions which are not managed directly by WordPress' own plugin database, you download and install them semi-manually or fully manually.

Also, these plugins and themes rarely publish which TimThumb version they use, they don't publish security advisories or notes regarding their products, and and and.

Nevermind that the entire concept of TimThumb is b0rken, technically speaking. :)

Generally, allowing pluggable PHP code is a Bad Thing security wise.

0
0

Did a Seagate sales bloke just say 5TB drives are coming?

Jan Ingvoldstad
Happy

And we never did!

That is, at home we started with a 5 MB HDD connected to the dual-drive IBM PC. We never managed to fill that disk, and couldn't see how it would even be possible.

Later, we upgraded to an IBM PC XT with a 10 MB HDD, and then we filled it, of course. :)

0
0

Adobe Flash vulnerable to remote-execution exploit

Jan Ingvoldstad
Alert

Yes, Flash 10 is vulnerable.

http://www.adobe.com/support/security/bulletins/apsb09-01.html

The link IS in the advisory that El Reg links to, but the iDefense advisory sucks royally.

"iDefense has confirmed the existence of this vulnerability in latest version of Flash Player, version 9.0.124.0. Previous versions may also be affected."

Well, that's not the latest version of Flash Player, not by a long mile. This marks down iDefense as an unreliable source for advisories in my book.

0
0

VeriSign remedies massive SSL blunder (kinda, sorta)

Jan Ingvoldstad
Coat

It's not as if botnets ...

... have much CPU power available for massively parallel computing, now is it?

0
0