From the Geek Mail: Facebook Pushes the Privacy Envelope with Data Sharing

February 8, 2011 · Posted in Geek Mail, Information Security

by Lora Bentley

Score one more for Facebook’s “act first, apologize later” strategy.

Last month the company announced it would make user information – including phone numbers – available to application developers. But they wouldn’t get access to the data until after they got express permission “through the usual permission dialogues,” according to the INQUIRER.

After only three days, however, Facebook suspended the program, indicating it had received feedback that users weren’t exactly clear on when they would and would not be giving up access to their information, even with the standard permissions dialogue boxes. At the time, Facebook said:

From the Geek Mail: 2011 Top Tech Jobs

Received from: Daily Edge at IT Business Edge

CyberCoders, a worldwide recruiting firm, has analyzed hiring statistics from a pool of more than 12,000 CyberCoders job listings to determine the top 10 tech jobs for 2011 — focusing on which job types offer the most open positions, career growth and compensation. CyberCoders finds that technical candidates often make more, are in higher demand, and have a better chance for career growth versus candidates who apply for marketing or health care positions.

Matt Miller, Chief Technology Officer of CyberCoders, says, “There is a resurgence of companies hiring tech candidates caused in part by industries which need to automate their business systems.” Miller says, “Automating business systems often results in an increased need for software engineers and technical specialty positions, especially among start-ups.” At the beginning of 2011, CyberCoders had more than 1,400 available positions in technology, up 196 percent from the previous year.

Thursday Geek Mail – Stuff in my e-mail that may be worth sharing

Why Small Businesses Quit Advertising Online
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When I was focused 100% on online advertising, the rate of advertiser churn was perhaps the biggest challenge of the business.

Customers buying cheap ad packages were extremely happy and loyal (well over 90% retention).  They got a great value and bought a product that they understood.

But as the advertising became more sophisticated and expensive, advertiser churn became a major drag.

Should have been posted yesterday | Let’s Read the Geek Mail

November 20, 2009 · Posted in Geek Mail

I’ve been playing some catch-up all morning. Yesterday had a hectic day working on a couple of client requirements. Spent most of the morning today trying to figure out how to install a CAPTCHA feature in one of my sites. If I don’t get sidetracked or I don’t forget, I’ll talk about this very important feature especially if you have a site that allows for registration and other stuff.

Yesterday, I wanted to introduce another section of the site that I plan to do every Thursday. I call it “Geek Mail”. I subscribe to a whole bunch of mailing lists that have something to do with Technology, Security and a whole bunch of other stuff that is essentially the overall theme of this blog. Sometimes I get to read some of them, but most of the time they languish in my mailbox as “clutter”.

So I figured, I'll post some of them here (at least the intro and the link to the actual article, don’t wanna get dinged on some weird copyright infringement thingamajig)… I see this as having three benefits: (1) it’ll force me to read more, since I’ll try not to post anything that doesn’t make any sense to me; (2) hopefully some of you will get some valuable nuggets out of these articles; (3) if the links don’t get outdated, it’ll help create my own personal knowledge base just in case I am researching something, which you can use as well.

A quick disclaimer: Some of the links will require you to subscribe to their newsletter or whatever else they are offering. Please read and use your common sense. I have nothing to do with these people, I am as much of a browser of their sites as you are and I am not getting paid for any of this stuff (if ever I am paid for anything I write, you will know). It is for your information and if you find value in the info, it is your job and your responsibility to take the necessary steps to get and properly use the info.

So without further ado, Let’s Read Geek Mail:
