Why Information Security: D-UH!
I almost always feel like saying “D-uh!” every time I see a text heading for an article or book topic that says “Why information security” or “Why Security”. I feel that it is almost a nonsensical question as “why do I need to breathe”. However, stepping back and looking at the big picture, that is really a wrong assumption. It is almost an internal bias that akin to me being surprised at meeting someone who still doesn’t have an e-mail or a broadband connection. It boggles my mind that in this day and age of information security exploits and regulatory liabilities, I still meet programmers and developers who still continue to spit out commercial products that are filled with so many holes that a 13-year old script kiddie can easily slice through it like it was Swiss cheese.
That being said, the nature of my profession makes me a little bit more attuned to information security issues than perhaps the next guy (maybe not guys sitting right next to me as I write this considering that they do the same work as I do, but perhaps the next guy in the mall or something) and whether I like it or not it becomes part of my nature. To me, thinking about threat, vulnerabilities and risks is about as natural as breathing. This fact, however, is not true to majority of digital innovators and users out there. Read more
From the Geek Mail: Facebook Pushes the Privacy Envelope with Data Sharing
by Lora Bentley
Score one more for Facebook’s “act first, apologize later” strategy.
Last month the company announced it would make user information – including phone numbers – available to application developers. But they wouldn’t get access to the data until after they got express permission “through the usual permission dialogues,” according to the INQUIRER.
After only three days, however, Facebook suspended the program, indicating it had received feedback that users weren’t exactly clear on when they would and would not be giving up access to their information, even with the standard permissions dialogue boxes. At the time, Facebook said: Read more
Information Security Management in the Wild Wide Web
Back in 2004, I prefaced a thesis that I wrote back then by stating at how our global connectivity has drastically changed the way we live and do business. The technology advances, I noted, particularly the improvement in personal computing had been so profound that it has revolutionized our culture, education, commerce and the global economy opening all of us to new horizons and new opportunities. Because of these advancements, useful data that can make or break a business transaction or data that can significantly save lives now travels widely and quickly. We have all become very dependent on technology and the convenience that it provides to all of us.
I then added that the gift of interconnectivity does not come for free, it has opened all of us to threats to our privacy, identity, intellectual property and other confidential information that our society never have to face before. Read more
I’m on Facebook–Now What???: How to Get Personal, Business, and Professional Value from Facebook (Paperback)
Facebook is one of the hottest websites in today’s world, and is having a major impact on career and business. This book explains the different parts of Facebook and helps you understand how you can get the most out of your Facebook account. It helps you understand what you could or should do in Facebook to further your career, business, or job. This book will help you come up with your own action strategy to get value out of Facebook. It will help you understand the possibilities with Facebook to figure out you can do to optimize the use of this tool. The intended audience includes professionals interested in their careers, marketers, business owners, and anyone involved in promoting a cause (personal or business) through new, hot technologies. Contains a foreword by Lee Lorenzen and an afterword by Robert Scoble
About the Author
Jason Alba is the career management evangelist. After getting laid off in January 2006, having great credent (more…)
How to Do Everything: Facebook Applications (Paperback)
Create your own Facebook applications!With coverage of Facebook API, FBML, and FQL as well as MySQL and REST, How to Do Everything: Facebook Applications is a clear, start-to-finish guide to developing unique apps that run on Facebook Platform. Learn how to integrate Facebook applications with websites, blogs, and databases, and use your apps to sell a product and market a business, organization, or cause. You’ll also discover how to provide entertainment and information to users while creating an advertising platform to make money. Get started quickly by downloading a pre-built, customizable Facebook application from the book’s Facebook Page.Understand the Facebook Platform architecture Format Web pages and manage data using XML, XHTML, and CSS Use PHP and FBML (Facebook Markup Language)Work with the Facebook object, Facebook REST object, and Facebook APIUse FQL (Facebook Query Language), Mock-AJAX, FBJS (Facebook JavaScript), and Facebook MobileMaster the Facebook De (more…)
The Church of Facebook: How the Hyperconnected Are Redefining Community (Paperback)
A revolution is taking place, one profile at a time. Online social networks are connecting people like never before. And with millions of users, they’re creating a virtual world that erases all boundaries. It’s a movement that’s changing how we form relationships, perceive others, and shape our identity. Yet at their core, these sites reflect our need for community. Our need for intimacy, connection, and a place to simply belong. Are we seeing the future of the church? Do these networks help or hurt relationships? And what can these sites teach us about God and each other? The Church of Facebook explores these ideas and much more. Author Jesse Rice offers a revealing look at the wildly popular world of online social groups. From profiles, to The Wall, to status updates, to “poking,” Jesse shares what Facebook reveals about us, and what it may mean for the church.
From the Back Cover
A revolution is underway. A Wi-Fi, worldwide movement (more…)
FBML Essentials: Facebook Markup Language Fundamentals (Paperback)
Do you have an idea for a Facebook application? With FBML Essentials, you’ll learn how to build it quickly using the Facebook Markup Language (FBML) and other easy-to-use tools in the site’s framework. If you can develop a website with HTML, writing a Facebook application with the help of this book will be a breeze. Of course, Facebook is not just another website. Any applications you write for it will have a potential audience of 16 million dedicated users. It’s not just another social networking site, either. Under the surface, Facebook is pretty sophisticated, with a development toolkit that includes it’s own modified version of HTML — FBML — to customize the look and feel of your Facebook applications. With FBML Essentials, you not only learn how to get started with this toolkit, you also get a complete reference on every FBML tag Facebook has ever written, with examples of how each tag works and advice on the best ways to use these tags in your code. This boo (more…)
Essential Facebook Development: Build Successful Applications for the Facebook Platform (Paperback)
“What sets this title apart is the authors’ deep insight of how to leverage the Facebook API to create wildly successful applications. They even provide instructions of how to a/b test, track, and analyze metrics to increase the exposure and engagement of your applications. Their knowledge is practical and after putting their techniques to use, my applications have achieved better results.” –Joseph Annuzzi, Jr., App Architect, PeerDynamic.com With more than 250 million active users, Facebook is the world’s #1 social networking platform. But developing successful Facebook applications presents unique challenges, both technical and nontechnical. Now, two of the world’s most experienced Facebook developers show you exactly how to meet those challenges. Essential Facebook Development offers insider guidance and up-to-the-minute best practices for the entire application lifecycle: design, coding, testing, distribution, post-launch monitoring, metrics, and (more…)
Building Facebook Applications For Dummies (For Dummies (Computer/Tech)) (Paperback)
Review
“Wagner gives a fun and easy way to get started building applications for this vast horde of potential buyers.” (The Bookseller, Friday 14th March)
There’s no doubt about it — Facebook is cool. Along with users who want to interact with friends, businesses are using Facebook as a marketing and networking tool. And if you’re a Web developer, you probably know there’s a demand for Facebook applications. If you have some basic knowledge of Web client technology, such as HTML, JavaScript, or CSS, and know how to use a Web programming language, Building Facebook Applications For Dummies is just what you need to start building apps for Facebook. This friendly guide helps you create applications to reach Facebook’s huge audience, so you can enlarge your list of friends, introduce people to your product or service, or network with other business professionals. You’ll find out how to: Work with the Facebook API Build app (more…)
Facebook Me! A Guide to Having Fun with Your Friends and Promoting Your Projects on Facebook (Paperback)
Review
“No better Virgil than Dave Awl when it comes to orienting the uninitiated to this strange and many-circled world of Facebook.”—Ayun Halliday, author of No Touch Monkey! And Other Travel Lessons Learned Too Late
Facebook Me! Group on Facebookound the water cooler—but you’re not sure what it’s all about. Relax and join in. There are more than 110 million members of Facebook these days, and adults are the fastest-growing segment of users. And it’s about more than just kid stuff; Facebook can actually be a good business tool as well as a great way to promote creative projects. In Facebook Me! Dave Awl shows you around the newly redesigned Facebook and helps you take full advantage of all it has to offer, while helping you avoid some of its pitfalls.• Find out what you can do on Facebook, and what it can do for you. Reconnect with old friends and make new ones, let your friends know what you’re up to, send greetings, share pho (more…)
Join Me On Facebook
Business Tech Press Releases- HostWire Merges into WRGL February 10, 2012
- Altera Announces Upcoming Schedule of Events With the Financial Community February 10, 2012
- Faruqi & Faruqi, LLP Announces Investigation of Powerwave Technologies, Inc. February 10, 2012
- Satisfy Your Valentine in 10 Minutes from Your Mobile Phone or Tablet February 10, 2012
- Italsuit Brings Bargain-Hunting Thrills to Shopping Online February 10, 2012
- From the National Vulnerability Database
- CVE-2011-3958 (chrome) February 7, 2012Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. […]nvd@nist.gov
- CVE-2012-1033 (bind) February 7, 2012The resolver in ISC BIND 9 through 9.8.1-P1 does not properly implement a cache update policy, which allows remote attackers to trigger continued resolvability of domain names that are no longer registered via an unspecified "Ghost Names exploit." […]nvd@nist.gov
- CVE-2011-3971 (chrome) February 7, 2012Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. […]nvd@nist.gov
- CVE-2011-3954 (chrome) February 7, 2012Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. […]nvd@nist.gov
- CVE-2011-3970 (chrome, libxslt) February 7, 2012libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. […]nvd@nist.gov
- CVE-2012-0926 (realplayer, realplayer_sp) February 7, 2012The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream. […]nvd@nist.gov
- CVE-2011-3969 (chrome) February 7, 2012Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. […]nvd@nist.gov
- CVE-2011-3956 (chrome) February 7, 2012The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. […]nvd@nist.gov
- CVE-2011-3968 (chrome) February 7, 2012Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. […]nvd@nist.gov
- CVE-2012-1035 (ada_web_services) February 7, 2012AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. […]nvd@nist.gov
- CVE-2011-3958 (chrome) February 7, 2012