01 Sep 10 Breaking : Twitter announces security updates proactively : All 3rd party apps can no longer store password & new T.co URL shortening service
Well, Twitter just sent out an email with significant improvements to their security model – something that Mark at Facebook just doesn’t seem to consider a priority over monetizing the trust of his 500 million Facebook members.
The highlights from the announcements by Twitter (full email details after the break) include:
- There are 250,000 3rd party apps that connect to Twitter
- All 3rd party apps will have to use the OAuth authentication method, and will not be allowed to ask for – or store – the actual Twitter user name or password
- Launches t.co – their very own URL shortening services … will be interesting to see how this plays out with dominating URL shortening services such as bit.ly
I’m impressed by this news… social media is wonderful, but the skeptics who are avoiding it (which includes a vast majority of “normal” non-tech and early adopter folk) should be reassured by this proactive approach by Twitter to making their environment a bit more secure.
Now, if only they could continue to work on the ever present FailWhale-powered site outages… 
Full email received:
Tags: IT Security, micro-blogging, Social Media, Twitter, Web 2.0
04 Aug 09 WordPress 2.8.3 security update – upgrade now; it’s easy and essential.
Short and sweet:
An important out-of-band update to WordPress has been released; 2.8.3 includes a security patch to fix unauthorized privilege escalation issues.
Since you all have 2.7 or higher (right) and online updating is easy… do it now!
Tags: IT Security, Software, WordPress, WordPress 2.7
17 Jun 09 Confidentialité de l’adresse IP – pas vraiment. Les informations transmises aux sites que vous visitez
L’autre soir je discutai avec une amie concernant la confidentialité d’une adresse IP, et ce que quelqu’un d’autre pourrait faire s’il connait ton adresse IP.
Alors, c’est un sujet qui sera difficile à couvrir entièrement dans quelques phrases, et je viens de terminer une autre discussion avec un collègue (qui travail en sécurité informatique, ahem… cheers Benjamin.) pendant qu’on tentait de déboguer des problèmes d’indexage de recherche de SharePoint Server.
Donc, en bref, l’adresse IP est unique. L’adresse est généralement accordée à une connexion réseau par votre fournisseur d’accès réseau – ou, dans le cas d’un réseau corporatif, par votre administrateur réseau à partir de la banque d’adresses IP accordé à votre compagnie.
(more…)
Tags: adresse IP, français, IP address information, IT Security, vol d'identité
22 Jan 09 Trojan Blog Comments – “Nothing seems to be easier than seeing someone whom you can help but not helping.”
So, I get a fair number of comments on various articles I write here, and also a fair amount of comment spam (about 100-150 comment spams per day) which Akismet dutifully protects me against 99% of the time. While Akismet is an impressive and highly functional tool – it certainly is not (and should be) the only tool in your arsenal to protect your blog from comment spammers.
WordPress has various mechanisms available to prevent automated (or human) spam bots from overrunning your site. (more…)
Tags: Akismet, blogging, IT Security, SPAM, WordPress
19 Jan 09 Kaspersky Anti-Virus for Windows 7 automatically licensed to… Russian Federation ?!
Early rise this Monday morning…
So I’ve been testing the beta version of Windows 7 (Build 7000 at the moment) on a Dell Inspiron 6400… so far, I’m fairly impressed. But that’s not the subject of todays thought – or mystery.
After downloading the 43MB technical preview of Kaspersky Anti-Virus 8 (AKA KAV 2009) for Windows 7, it goes through a fairly straightforward installation process. It politely asks if you want to disable the built-in Windows firewall and use Kaspersky Anti-Hacker instead. I chose to leave the Windows 7 firewall intact and running.
(more…)
Tags: IT Security, Kaspersky Anti-Virus 8.0 Technical Preview, Russian Federation, Software, Windows 7 Beta
