We’re not sure if this is directly related to the Ajax exploit we posted about, but interesting to see the point proven that security shouldn’t be forgotten in the name of “Web 2.0”
Apparently it was a simple as them not validating any input on their posts/comments as reported here. This is a similar [...]

Macaulay, a software engineer, was able to hack into a MacBook through a zero-day security hole in Apple’s Safari browser. The computer was one of two offered as a prize in the “PWN to Own” hack-a-Mac contest at the CanSecWest conference in Vancouver.
Macaulay teamed with Dino Dai Zovi, a security researcher until recently with Matasano [...]

According to Fortify Software, 11 out of 12 of the most popular Ajax/JS frameworks are vulnerable to javascript hijacking. So apparently every shiney web 2.0 app out there is ripe for the picking!
“Fortify said that the “pervasive and critical vulnerability” is present in 11 of the 12 most popular AJAX frameworks, and therefore [...]

Apollo Alpha Launched
Adobe has launched their Apollo platform finally (in Alpha). Apollo is a cross-OS runtime that allows developers to leverage their existing web development skills (Flash, Flex, HTML, Ajax) to build and deploy desktop RIA’s.
Many basically say Apollo = Flash Player + Acrobat Reader * HTML/JS . A very cool project indeed [...]

With Apple’s new set-top device filtering into the hands of the faithful, its buzz has been appropriately high. Over the weekend, however, many enterprising hackers took the time to probe the internals of the AppleTV a bit more thoroughly. What did they find?As it turns out, Apple’s claim that its new devices (e.g. AppleTV, iPhone) [...]

Brought to you by Boy Genius

The Reactable is a multi-user electro-acoustic music instrument with a tabletop tangible user interface. Several simultaneous performers share complete control over the instrument by moving physical artifacts on the table surface and constructing different audio topologies in a kind of tangible modular synthesizer or graspable flow-controlled programming language.

Anybody who has used a Linux distro knows that downloading and installing from an ISO is only the first part of a very long journey. After you have successfully installed the OS (which is sometimes difficult in its self) you need to add your apps, wifi / bluetooth support (WPA is always a b!tC7H), your [...]

Michael Kemp has discovered a denial of service issue in the BlackBerry Browser. An BlackBerry device running OS version 4.2 or earlier would be affected as RIM has released a patched version 4.2.1 which fixes this issue.
Here is how the vulnerability works:

Construct a WML page that contains an overly long string value within a link [...]

Sometimes an otherwise useful application is missing a feature or two. Take the Stickies app, for example. For whatever reason, the authors decided not to include a scrollbar. Perhaps this was because it’s not a necessary feature for most users. Perhaps it was just overlooked.
Thankfully, you can customize most OS X apps with the tools [...]