stargeek


Security issues of using shared code








Security issues of using shared code 08/02/2004 03:25 PM

Direct and Related Links for 'Security issues of using shared code'

“If you’ve ever written a lot of code, you’ve probably found yourself thinking, ‘Someone must have already tackled this problem.’ You may even have gone a step further and done a Google search for relevant code that you might be able to incorporate into your project. But have you ever stopped to think about the security ramifications of using this type of code? If not, you should!…




This is a GrokNews Entry: (what is grok?)





Similar Items


Grok Headline matches for Security issues of using shared code

Shared Office Code Unlikely to Sway
Governments
09/22/2004 04:36 PM
Government officials say Microsoft's move to share the source code for Office 2003 won't change anyone's mind about Microsoft or open source.

Shared Office Code Unlikely to Sway
Governments (Ziff Davis)
09/22/2004 04:55 PM
Ziff Davis - Government officials say Microsoft's move to share the source code for Office 2003 won't change anyone's mind about Microsoft or open source.

Shiflett.org: Security Corner - Shared
Hosting
09/27/2004 09:29 AM
My column from the Mar 2004 issue of php|architect is now available for free: Security Corner: Shared Hosting

Microsoft to Offer Office Source Code
Under Shared Source
09/20/2004 10:45 AM
Microsoft is releasing its Microsoft Office desktop source code to qualifying international governments and agencies via the company's Shared Source licensing program.

"Code Access Security (CAS) ? "Guilty
until proven Innocent" (Partially
Trusted Code) "
06/22/2004 04:03 AM

CA tool kit enables shared security
controls to be integrated with existing
apps
06/24/2005 08:54 PM
Last time out I spoke about smaller, more tightly focused, industry events (conferences, trade shows, user group meetings, etc.). All of that reminded me to mention something that occurred at the Gartner IT Summit in Washington, D.C. earlier this month. At that conference, Computer Associates announced its eTrust Identity and Access Management (IAM) Toolkit. While it's aimed at commercial developers, in-house programmers might benefit more from this release.

Microsoft issues warning to downloaders
of leaked source code
02/18/2004 06:53 PM
Sydney Morning Herald Feb 18 2004 11:17PM GMT

SQL Security Issues 04/24/2004 10:35 PM

Other News: Security Issues 09/27/2004 09:27 AM
We link to several articles about serious security threats and the Mac's position vs. Windows.

Can An Apple A Day Keep Security Issues
At Bay?
06/03/2004 06:42 AM
By Mathew Schwartz, Security Wire Perspectives (via MyAppleMenu)

Are we just living with Security Issues? 12/30/2003 01:22 AM
Since August 17th, we have had thousands of computers hit with the Nachi or Blaster worms. Over the past few months, we have only seen an increase in the number of hosts infected. It seems as though the Internet IT...

Cisco issues another security warning 04/16/2004 01:13 PM
The networking giant warns customers of a security vulnerability associated with its Cisco 3000 VPN Concentrator.

Notes and Tips: Security Issues 06/10/2004 09:59 AM
Here's one more note about Mac OS X security vulnerabilities following the latest Apple update.

phpBB Issues Security Update 12/19/2004 03:07 PM

Security Issues in Rediff Bol Messenger 01/01/2004 04:31 AM
S G Masood (Jan 22 2003)

abuse & security issues > Israel 03/29/2005 08:40 PM
Gadi Evron (Mar 29 2005)

It now appears that all of OS's have
security issues
12/12/2003 06:52 AM
Jaguar and Panther equally vulnerable .. Macs are not Invulnerable .. this rather weak article .. this recent story

abcnews.go.com/sections/scitech/ZDM/mac_vulnerablility_pcmag_0 31211.html


Yahoo issues security patch for IM 08/13/2004 12:45 PM
Web giant releases fix for vulnerability stemming from open-source graphics code.

Microsoft Issues Security Patches 11/11/2003 10:17 PM
PC Magazine Nov 11 2003 9:32PM ET

Microsoft issues security update 07/03/2004 10:00 AM
USA Today Jul 3 2004 2:31PM GMT

smart thinking about IM security issues 03/06/2004 01:57 AM
i get more IM spam in a day than i've gotten comment spam in my entire life

The continuing saga of IE Security
Issues
04/09/2004 07:57 PM
I have a simple question. Why can't a company that has 50 billion dollars in reserve cash fix their damn...

Apple issues Mac OS X security patch 05/21/2004 06:49 PM

Microsoft issues seven security patches,
two critical
07/13/2004 05:08 PM
Software updates released today by Microsoft include fixes for previously unknown flaws in the Windows OS, including critical holes in the Windows Task Manager and HTML help features.

Apple issues iChat security fix
(MacCentral)
09/17/2004 10:47 AM
MacCentral - Apple Computer Inc. on Thursday released its third security update in recent days. Security Update 2004-09-16 fixes a security issue with Apple's iChat application that allowed remote iChat participants to send "links" that can start local programs if clicked.

Windows-Based PCs Plagued By Security
Issues
12/28/2004 03:41 PM
Red Nova Dec 28 2004 8:09PM GMT

@Stake issues security advisories for OS
X Jaguar
10/29/2003 02:45 PM
Security consulting firm, @Stake issued three security advisories for Apple's Mac OS X operating system late last night. The advisories affect Mac OS X 10.2.8 and lower and do not appear to affect the company's recently released Panther operating system. In fact, @Stake is recommending users upgrade to Panther as a fix for the problems.

Apple issues revised security update 09/13/2004 09:42 PM
Apple has released a revised version of last week's Security Update 2004-09-07, which fixes problems with Safari & FTP server in the original security update. The new update is now available via the Software Update panel and can be installed over the previous update.

@Stake issues security advisories for
Jaguar
10/29/2003 02:47 PM
Internet security firm @Stake issued three security advisories for Mac OS X on Tuesday...

New Online Ventures Get Help With
Internet Security Issues
08/19/2004 02:11 AM
MSTBIE, an online business solutions provider, today has announced their partnership with Geeks In A Flash! providing new business with additional options for ensuring the safe and successful launch of their online business ventures. [PRWEB Aug 19, 2004]

Opera Problems -- Security Issues, New
Version
03/14/2003 12:25 AM

Mac or PC? Windows' security issues help
some users choose
09/21/2004 10:11 PM
USA Today Sep 22 2004 2:19AM GMT

Microsoft issues April security updates 04/13/2005 11:59 AM
Computer Shopper Apr 13 2005 3:48PM GMT

Apple issues QuickTime security patch 05/06/2004 10:03 AM

Sybase ASE Multiple Security Issues
(#NISR05042005)
04/05/2005 05:38 PM
NGSSoftware Insight Security Research

Apple Will Be Patching Jaguar Security
Issues
10/31/2003 04:07 PM

Paper maker documents key IT security
issues
03/28/2005 06:16 AM
James Cupps, a former network engineer and information security officer for the U.S. Navy, is now on his second tour of duty with Sappi Fine Paper North America, a division of a $4.7 billion South African manufacturing company. Cupps, the North American division's information security officer and Sappi's global security lead, recently shared his thoughts with Network World Executive News Editor Bob Brown.

Cisco issues wireless Lan security alert 12/04/2003 09:38 AM
vnunet.com Dec 4 2003 8:48AM ET

NIST Issues Windows XP Security Guide 07/06/2004 01:22 PM

Grok Description matches for Security issues of using shared code
GrokA matches for Security issues of using shared code

OOPS 0.1001 05/11/2004 11:49 PM
A persistent store for deep and cross-linked Perl objects.

1001 Things To Hate About The Convention 09/01/2004 10:12 AM
1001 Things To Hate About The Convention. Funny, and exhaustive, stuff from New York Press.

HotFix Watch: Win32 Error = 1072 error
appears after you change the SMS 2.0
Service account of a secondary site
12/28/2004 07:03 PM

Cliex32.dll Error 126 Error in
Wnmanual.log
06/18/2004 08:16 AM

Advanced Error Handling: Writing an
Error Handling Class
11/10/2003 11:25 PM
If you're tired of the default error handler and want to have complete control over default error messages, you should write your own error handling class. Writing your own handler will enable you to change the way php handles your error messages, and allows you to create your own error types. With this class you will be able to send error messages to a log file, or send error reports via email.

Disabling Microsoft Windows XP Error
Reporting Services
05/03/2004 11:44 PM

Microsoft error on maps dents its ties
with India
08/21/2004 07:29 AM
Silicon India Aug 21 2004 11:41AM GMT

Microsoft SQL Server 7.0 databases
monitoring – 1105 / 9002 error
recovering PART1
07/08/2004 05:24 AM

404 error 01/14/2003 02:28 PM

I found this funny 404 error message on SDForum's Web site:


Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.


PXE-E51 Error 08/14/2004 05:23 PM

Error 08/10/2004 02:34 PM

livejournal.com/tools/memadd.bml?journal=jmhm&itemid=959603


Read error 11/02/2003 05:25 PM
CNET Asia Nov 2 2003 4:29PM ET

Spot the Error 02/10/2004 02:45 AM
Cleaned up eh? (hint: line 28)...

More on XML Error Handling 01/22/2004 02:56 AM

I thought I'd respond to a few of the comments I received:

(1) Many people suggested that there be a built-in validator in the browser that could show the errors to the developer. The validators basically break down into two types: obtrusive validators and unobtrusive validators.

If the validator is unobtrusive, then I would argue that it won't receive sufficient usage to make a difference. If the browser doesn't impose a penalty of some kind, then there will be no incentive for the author to correct mistakes.

I can see the value of an obtrusive validator, as long as the obtrusive part was only checking well-formedness (i.e., really basic mistakes).

(2) Some people pointed out that my own blog was not valid. I have two responses to that:

(a) I am not arguing for perfectly valid XML documents. I am arguing for well-formed XML documents. There is a difference. I think asking that the page be well-formed is setting the bar fairly low. For example, one of the current errors on this blog is that I have two elements with the same id. While this makes the blog invalid, it does not have any effect on the blog being well-formed. At least I don't think it does. :)

(b) I'm illustrating a point, namely that I have no reason to make the blog valid, given that browsers will display the blog anyway.

(3) People complained that I wasn't serving up XHTML. I can't actually serve up XHTML if I want the blog to be displayable in all browsers, including Safari, which still has sufficient issues with XHTML that I can't make that switch yet.

(4) My comments on HTML error handling were largely misinterpreted.

Some people thought I was attacking WinIE for its permissive handling of HTML. I was not, and I'm glad others appreciated that fact. Back in the 90s WinIE had to emulate the permissive error handling of the then-dominant browser Netscape. They had no choice if they wanted Web sites to be viewable as the designer intended. They were in the same position then that Safari is in now.

Nor am I suggesting that WinIE should become less tolerant of malformed HTML, or that they are at fault for not doing so. That is simply not a logical conclusion to have drawn from my previous comments. You can't take a Web site (even a malformed one) that works a certain way and suddenly refuse to render it or even render it radically differently than before.

For HTML, this issue was resolved long ago in favor of permissive error handling and recovery, and no modern browser is to blame for that situation.

Others said a browser that handles malformed HTML is better than one that does not, and if Safari doesn't handle all this malformed HTML, then it's simply not as capable a browser.

What amused me about this comment is that there is no definition of what it means to handle malformed HTML. As long as a browser shows you something and doesn't crash, it has handled the malformed HTML. What people don't understand is that you don't simply have to handle the malformed HTML. You have to handle it in exactly the same way as the Web browser that the site author designed for.

If you do not, you'll end up with different renderings of the same page, which as I said before, constitute the largest set of rendering differences between Web browsers. Perfect emulation is what makes error recovery so difficult. If you allow grossly malformed pages, then most XML on the Web will end up being grossly malformed (as is the case with HTML today).

Once you have a Web full of grossly malformed XML, there will be one dominant browser that designers will check to see if the site looks ok. They will then make assumptions that other browsers will recover from the malformation errors in precisely the same way and will simply assume that it is the fault of the other browsers if they don't.

Right now it is the responsibility of alternate browsers to emulate the dominant browser's error recovery strategies, but there's simply no reason to do that for XML as well.


Error-Wait-0.03 11/16/2003 04:50 AM

404 ERROR - Ultrashock.com 12/14/2003 06:49 AM
usable 404 page

ultrashock.com/404


Error in SMS RTM Documentation 05/28/2004 05:06 AM

Margins of Error 07/20/2004 09:16 AM
Wider margins should be greeted with wider smiles.

Blue Or Red? Error Or Not? 04/05/2005 04:18 AM
More variation mongers, but this time it's legit - though a little bass ackwards, or is it?

Error-Wait-0.01 11/03/2003 05:54 PM

Error In Downloading 11/14/2003 09:47 PM
Record, tech industries battle to make music pay off. By Russ Britt and Steve Gelsi (CBS MarketWatch via MyAppleMenu)

Error-Wait-0.02 11/16/2003 04:50 AM

Error in fink-0.22.0 08/21/2004 12:30 PM
The fink-0.22.0 package manager, which was available briefly in the unstable tree this past week, had a bug which prevents further updating via rsync. If you installed this version of fink, you can recover by running the command fink install fink-0.21.2-1 which will downgrade fink to the version in the stable tree, and subsequently running fink selfupdate. If for any reason those commands don't work, go to the fink file release page at sourceforge and download the file fink-0.22.1.tar.gz. Unpack this file with tar xfz fink-0.22.1.tar.gz, and then from within the fink-0.22.1 directory, run the command ./inject.pl. The fink team apologizes for the error, and thanks the user community for bringing it to our attention quickly.

Access Error 05/24/2004 04:33 AM
General Says Sanchez Rejected Her Offer to Give Address to Iraqis About Abuses

c.moreover.com/click/here.pl?r157808591


Database Error 05/07/2004 06:10 AM

XML Error Reporting II 01/22/2004 03:30 PM

Responding to comments in the previous blog entry:

(1) Some people thought this was a hacked expat. Darin actually switched Safari over to libxml2, so the error messages you're seeing (as well as the ability to continue parsing) are all built in to libxml2.

(2) Do you think it's better to show the page only up to the first error or to try to display the entire page (with the understanding that what follows the first error could be very badly mangled)?

(3) Often there are a lot of meaningless errors after the first. I could put a cap on the number of displayed errors to deal with this problem or just not worry about it. What do people think?

(4) Those of you who suggested drawers for errors, remember a drawer is a UI element in Safari and not WebKit. This feature should just work out of the box for WebKit clients, so I'm inclined not to use drawers or sheets, but to just display the errors at the top of the page.


VBScript Error with FTM 09/02/2004 02:43 AM

A possible fix for an iTunes 4.8 error
400
06/22/2005 02:23 AM
If you recently upgraded iTunes, you may have problems authenticating, viewing your cart, or shopping. There are two errors which have been occurring recently. The first seems to be 502, I believe, and this appears to be resol...

SMS FAQ: Error Code 53 06/24/2004 09:38 PM

On "Feedbag Error 17"... 10/29/2003 12:10 AM

A couple of days ago I noticed that I couldn't add Azeem Azhar to my iChat AV contacts list. I kept getting returned "Feedbag Error 17" which seemed entirely unexpected and unpleasantly phrased. Was I a feedbag? Had iChat eaten Azeem? The mind boggled.

After several hours of consideration, another option occurred to me. Perhaps iChat was trying to protect me from excessive contact with Azeem! Maybe my beautiful new Pantherised beast was being defensive! "No, Tom!" It was going, "He's bad news! He'll tell you that you work in Marketing again and you'll get all cross and defensive and make that ludicrous speech about being an artisan! Please! Please! Let me protect you from the embarrassment!" At which point, I assumed, feedbag laptop decided to chow-down on poor Mr Azhar's AIM name with fierce hungry vengeance. I touted this theory around a few of my friends. General consensus, "It's not a bug, it's a feature!"

Well now I know that I'm not alone and that it's nothing personal, Mr Azhar! My Powerbook loves you and iChat loves you and all I had to do was throw away a couple of my childhood friends who - frankly - are never online anyway and kind of sucked at web stuff. In the end the problem was all caused by having too many friends - apparently AIM can only handle 150 contacts - at least that is according to Messrs. Unsanity, Rael and Webb.

But it occurs to me that there's something slightly suspicious about all of this. A couple of days ago I tried searching for information about this error message, but it was nowhere. There was literally no information. Today, there's a search result returned, and posts about the subject on three separate weblogs. So what's happened? Is it a new error message or is it just we've all hit the limit at the same time? Or has the number of buddies available changed? I smell a mystery!



Security issues of using shared code

The following phrases have been identified by the grok system as matching this entry: css xss citibank trouble using vs7jit to connect to a c# program wse error 1001 microsoft wse 2.0 error 1001
















