4 posts • joined 23 Mar 2010
Not sql injection
The vulnerability was unrelated to SQL injection. The problem was a vulnerability in the YAML & XML parsers combined with the fact that rails will automatically deserialize data posted in those formats
Although an unannounced inspection is *exactly* how they stole the vx gas in that classic film, 'The Rock'
Is the concern about android apps entirely well founded? It's not as if every linux app in the world has to be gpl-ed, despite the kernel being licensed under the GPL.
And how directly do android apps use kernel headers ? I wouldn't have though a userland application would need to mess with kernel headers (especially if written in java)
Greedy network operators
The pay off from £1 text message is something like 60-65p. 17.5% of that is VAT, but the network operators take a big slice (and virgin used to take enormous amounts). Last time I looked payforit wasn't any better in that respect.