|
 Color, the $41-million-in-funding location-oriented photo sharing startup, is susceptible to simple GPS spoofing. With nothing more than a jailbroken iPad or iPhone, you can use FakeLocation to trick Color into thinking you're somewhere else. Within seconds you can be browsing photos that were snapped thousands of miles away. With a little digging, you can pore through photos not intended for your eyes. Of course, such a hack isn't illegal as such -- every photo you take with Color is public. With FakeLocation you are simply circumventing Color's very limited location-oriented security mechanism. It does undermine Color's usefulness (and uniqueness), though -- if nefarious types can sit in their bedroom or basement and eavesdrop on classy dinner parties and wild night club soirees, people might be less inclined to share personal photos with those around them. Fortunately, both for Color and its users, this is an easy security hole to plug -- at least in the short term. The app (or server-side) code simply checks to see if the user has 'teleported' an impossibly large distance, without any intermediate steps in between. In the long term, though, Color's users must be aware that its social graph is completely public. Color's users must realize that every photo they upload is visible by anyone, from any place. After the break, just to elucidate a little on Color's actual business model and ultimate intention, we have two amazing quotes from Bill Nguyen, Color's founder. Continue reading Color vulnerable to simple GPS hack, lets you spy on anyone, anywhere Color vulnerable to simple GPS hack, lets you spy on anyone, anywhere originally appeared on Download Squad on Tue, 29 Mar 2011 05:36:00 EST. Please see our terms for use of feeds. Permalink | Email this | Comments Source: http://downloadsquad.switched.com/2011/03/29/color-vulnerable-to-simple-gps-hack-lets-you-spy-on-anyone-any/ MICROS SYSTEMS SILICON LABORATORIES HEARTLAND PAYMENT SYSTEMS GRUPO IUSACELL PALM Space-shooters are usually a fairly fiery affair, with many types of guns, weapon upgrades, power-ups and more. Dodge does away with all of that, while keeping the very essence of a space shooter: Dark background, fast action, and stuff blowing up all over the place. Your vector-looking spacecraft is the fastest thing on the screen, most of the time. And as the header implies, you have absolutely no weapons; you can't get any, either. All you have is agility and maneuverability. Your opponents shoot heat-seeking missiles at you; the missiles lock on and start tracking you. The trick is to dodge the missiles while putting them in the path of one of your enemies, thus letting them have a taste of their own medicine. There are three types of enemies, at least in the first few levels: "simple" spaceships which fire slow projectiles, "tanks" which seem to be more serious and take more hits to destroy, and "circles." The circles simply explode, spewing twenty or thirty very fast projectiles. This sounds dangerous, but is actually great once you learn to use them; they are very destructive for tanks, and can even blow up other circles. The soundtrack is very techno, but it meshes very well with this type of game. Intense fun! Dodge is a space-shooter in which you have no weapons originally appeared on Download Squad on Tue, 01 Mar 2011 17:30:00 EST. Please see our terms for use of feeds. Permalink | Email this | Comments Source: http://downloadsquad.switched.com/2011/03/01/dodge-is-a-space-shooter-in-which-you-have-no-weapons/ KONINKLIJKE KPN SPANSION ACER NETWORK APPLIANCE MANHATTAN ASSOCIATES Facebook gone and done some serious damage to the company credit card, but thankfully, it's being used for more than replacing chimneys and repairing pool liners. Zuck's prized possession has just snapped up Push Pop Press and Beluga, with the former being best known for creating interactive digital books, most notably gadget junkie Al Gore's "Our Choice" book for iPad. Beluga on the other hand, gained lots of attention for its group messaging app built for iOS and Android. Push Pop Press co-founders (and former Apple engineers) Mike Matas and Kimon Tsinteris were quick to say that Facebook has no plans to publish digital books; they did confirm, however, that "the ideas and technology behind Push Pop Press will be integrated with Facebook, giving people even richer ways to share their stories." Mysterious. Could the Push Press Pop acquisition be the key to the fantasmical iPad app we've yearned for since the dawn of the new millennium? Beluga confirmed the future of Facebook mobile messaging when it said, "we're excited to build our vision for mobile group messaging as part of the Facebook team." Equally mysterious. Unfortunately, no concrete details are being made available, with each site's homepage simply confirming that It's Complicated. Facebook burns a little cash, buys group messaging and digital book outfit originally appeared on Engadget on Wed, 03 Aug 2011 09:22:00 EDT. Please see our terms for use of feeds. Permalink  All Things D |  Beluga.com, Push Pop Press | Email this | CommentsSource: http://www.engadget.com/2011/08/03/facebook-burns-a-little-cash-buys-group-messaging-and-digital-b/ SAIC SALESFORCE COM COMMUNICATIONS HOLDINGS PLANAR SYSTEMS LIBERTY GLOBAL When Firefox 4's tab grouping tool, Panorama, had its keyboard shortcut changed to the finger-breaking combo of Ctrl+Shift+E, we thought Panorama would get dropped before FF4's final release -- but, thankfully, it made the cut! If you've used Firefox 4 and Panorama, you might have noticed that Mozilla's new browser doesn't always save your tab groupings when you close the browser -- a bit of a pain, if you spend a long time setting up the perfect groups! This is tied into the removal of the 'Save and Quit' dialog box -- and enabling Panorama tab group saving is just a matter of re-enabling the Save and Quit dialog. Open a new tab and head to about:config. Click through the warning and type 'quit' into the filter box. Double click browser.showQuitWarning to change its value to true (see image after the break). That's it -- now you'll have the option of saving your tabs, and thus tab groups, when you close Firefox. For more tech tips, visit our tips index.Continue reading Save your tabs and Panorama tab groups in Firefox 4 Save your tabs and Panorama tab groups in Firefox 4 originally appeared on Download Squad on Mon, 04 Apr 2011 11:30:00 EST. Please see our terms for use of feeds. Permalink | Email this | Comments Source: http://downloadsquad.switched.com/2011/04/04/save-your-tabs-and-panorama-tab-groups-in-firefox-4/ INTEL F5 NETWORKS SHAW COMMUNICATIONS NINTENDO IDT Mozilla, continuing its year-long crusade to speed up Firefox startup and shutdown times, has published a name and shame list of the Firefox's slowest add-ons. The list is just one part of Mozilla's new efforts to highlight slow add-ons, and to help developers make their add-ons more efficient. Over the next two weeks, 'slow performance warnings' will be introduced in the add-on gallery so that users can see, before installation, which add-ons will slow down their browser. If that isn't enough to spur developers into cleaning up their add-ons, Mozilla has also begun reaching out to developers of slow add-ons with tips on how to improve add-on performance. Finally, add-on developers will soon have the ability to perform 'on-demand performance testing,' so that they can test their add-on before it's deployed publicly. Mozilla reports that the average Firefox add-on slows down Firefox's start-up time by 10% -- which means, if you install 10 add-ons, you will double your start-up time. On fast desktop PCs that kind of slowdown might be negligible, but on older computers, laptops and smartphones, it could be the difference between a 5 and 10 second startup. Mozilla has obviously realized that while massive performance gains might've been made with Firefox 4, the addition of third-party add-ons can destroy any user-perceived improvements. In other news, Mozilla says that a future build of Firefox will block the installation of add-ons (such as toolbars) by third-party software. Add-ons and toolbars that are bundled in this way will require explicit approval when you next open up Firefox. Hooray! Mozilla publishes name and shame list of slow Firefox add-ons, cracks down on tardy devs originally appeared on Download Squad on Mon, 04 Apr 2011 05:15:00 EST. Please see our terms for use of feeds. Permalink | Email this | Comments Source: http://downloadsquad.switched.com/2011/04/04/mozilla-publishes-name-and-shame-list-of-slow-firefox-add-ons/ COGNIZANT TECH SOLUTIONS TNS GOOGLE TELETECH HOLDINGS INVENTEC Over the last few days, a mass SQL injection attack has been quickly gathering speed. Just three days ago only 28,000 URLs were affected, but at the time of writing, there could be up to 3.8 million infected URLs.
Websense has a complete write up the attack, dubbed 'LizaMoon,' but here's the basic gist: it looks like someone is exploiting a vulnerabilty (or vulnerabilities) in hundreds of thousands of websites running on Microsoft SQL Server 2003 and 2005. It's not yet known whether this is a vulnerability in SQL Server, or simply a case of outdated, unmaintained, and easily-exploitable CMSes. The attack takes the form of an SQL injection, which then inserts a link to a JavaScript file hosted on the attacker's server. This is repeated over and over until every Web page in the SQL database has been infected -- and considering 3.8 million URLs have been infected, you can see that this is a very easy, and automated, attack. Fortunately, the JavaScript isn't particularly malicious: it pops up a rogue AV program called Windows Stability Center, but that's it. Better yet, the rogue antivirus is already recognized by a bunch of real antivirus suites, including Avast, Panda and Microsoft Security Essentials. The real problem with SQL injection attacks is that there's nothing we surfers can do about them. There will always be old and unmaintained websites, and thus SQL injections will remain one of the easiest and most lucrative tools of hackers and spammers alike. All you can do is keep your antivirus and anti-malware software up to date, and pray. Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus originally appeared on Download Squad on Fri, 01 Apr 2011 05:30:00 EST. Please see our terms for use of feeds. Permalink | Email this | Comments Source: http://downloadsquad.switched.com/2011/04/01/massive-sql-injection-infects-3-8-million-urls-installs-rogue-a/ VISHAY INTERTECHNOLOGY DLINK GOOGLE ZIONS BAN SYKES ENTERPRISES INORATED |
