By samzenpus from Slashdot's read-all-about-it department
benrothke writes "Every organization has external software, hardware and 3rd-party vendors they have to deal with. In many cases, these vendors will have direct access to the corporate networks, confidential and proprietary data and more. Often the software and hardware solutions are critical to the infrastructure and security of the organization. If the vendors don't have effective information security and privacy controls in place, your data is at risk. In addition, when selecting a product to secure your organization, how do you ensure that you are selecting the correct product? All of this is critical in the event of a breach. When the lawyers start circling, they will be serving subpoenas to your company, not your 3rd-party vendors."
Keep reading for Ben's review. Assessing Vendors: A Hands-On Guide to Assessing Infosec and IT Vendors
author Josh More
reviewer Ben Rothke
summary Good intro to use to start a vendor assessment programRead Replies (0)
By Unknown Lamer from Slashdot's ok-maps-what department
Two bits of Google news from today/yesterday. This morning, Google started rolling out a major update to mobile Maps
. They've created a new tablet interface, improved integration with local places, integrated the Zagat guide, and enhanced navigation to automatically route you around traffic incidents. As usual lately, Google also removed a few features: Latitude and Check-ins. If you used those you'll have to use the Google+ application now. They also made a strange change to offline maps: instead of a menu option, you now access the area you want to make available offline and search for "OK Maps." On the Chrome front, Google released Chrome 28 yesterday
, the first release featuring the WebKit fork Blink
By Unknown Lamer from Slashdot's fight-fight-fight department
benjymouse writes "Following a blog post by security company Secunia, VideoLAN (vendor of popular VLC media player) president Jean-Baptiste Kempf accuses Secunia of lying in a blog post titled 'More lies from Secunia.' It seems that Secunia and Jean-Baptiste Kempf have different views on whether a vulnerability has been patched. At one point VLC threatened legal action unless Secunia updated their SA51464 security advisory to show the issue as patched. While Secunia changed the status pending their own investigation, they later reverted to 'unpatched.' Secunia claimed that they had PoC illustrating that the root issue still existed and 3rd party confirmation (an independent security researcher found the same issue and reported it to Secunia)."
There are two bugs: one is a vulnerability in ffmpeg's swf parser that vlc worked around since they don't support swf. The VLC developers think Secunia should have reported the bug to ffmpeg, which seems pretty sensible. The other bug
is an uncaught exception in the Matroska demuxer with overly large chunks that merely results in <tt>std::terminate</tt> being called; the Matroska demux maintainer apologized
, but, despite dire warnings from Secunia that it could
be exploitable, it most certainly is not.Read Replies (0)
By Unknown Lamer from Slashdot's micro-t-1000 department
ph4cr writes with news that a few researchers have discovered an alloy that allows them to print 3D structures from liquid metal at room temperature
. From the article: "'It's difficult to create structures out of liquids, because liquids want to bead up. But we’ve found that a liquid metal alloy of gallium and indium reacts to the oxygen in the air at room temperature to form a "skin" that allows the liquid metal structures to retain their shapes,' says Dr. Michael Dickey, an assistant professor of chemical and biomolecular engineering at NC State and co-author of a paper describing the work. ... One technique involves stacking droplets of liquid metal on top of each other, much like a stack of oranges at the supermarket. The droplets adhere to one another, but retain their shape – they do not merge into a single, larger droplet. ... Another technique injects liquid metal into a polymer template, so that the metal takes on a specific shape. The template is then dissolved, leaving the bare, liquid metal in the desired shape. The researchers also developed techniques for creating liquid metal wires, which retain their shape even when held perpendicular to the substrate."
is available online. There's also a video of the process in action, below the fold.Read Replies (0)