Forrester: NSA Spying Could Cost Cloud $180B, But Probably Won't
Look at the Tent project - http://tent.io . It is just getting started, but that is the vision.
Google Preparing "Google Mine" For Organizing and Sharing Your Stuff On Google+
We should be moving toward keeping all our 'stuff' in a distributed individual server which we personally control, but services can access via standard API.
There is a new project toward building this interoperable API - tent.io . It is just getting started, but deserves community support.
Twitter's New Money-Making Plan: Lead Generation
Facebook, Twitter, Google+, Flickr should be services which use personal data controlled by their own users. If we controlled our own tweets, posts, pictures, and connected them to our friends via interoperable services, then once service providers pull a fast one, we could pull up stakes and go to the next one.
Look into the prototypical Tent project https://tent.io/ for a vision of the future.
Rob "CmdrTaco" Malda Resigns From Slashdot
As a longtime reader and former creator of a hacked-up Perl-based CMS, I always respected what you built here.
Keep pursuing "the way"
Mass SQL Injection Attack Hits Sites Running IIS
Actually, if you read the actual description of the attack, it IS a SQL Injection attack on a web script. More advanced than "bobby tables", but basically the same problem.
Creating a Better Facebook
1. "Safe" place to be and share. Obviously, they threw this out the window.
2. Best "Dashboard". The superior, clean interface to see updates made a lot of users abandon MySpace, etc. This will be a big hurdle for the aspiring replacement: ease of use and cleanness.
3. Critical-mass of user network. It has the people/friends you want. This hurdle can be overcome too, as long as the "open" movement doesn't fracture into a thousand sourceforge projects.
Honestly, we've got to support this effort, and I hope all us paranoid hackers can get on the bus in the same direction. We have so many great tools and infrastructure; we just have to make it a no-brainer for grandpa and the tweens to use alike.
SQL Injection Attack Claims 132,000+
Safe until next week, when they use another address.
Checking inputs is the only fix.
D-Link Firmware Abuses Open NTP Servers
Well, no one's stopping you from doing that right now, but you're breaking the social contract.
If everyone on the net did what you're doing, the system would drag to a halt, or there would be a ton of new "security restrictions" on the DNS system to prevent it, basically a new pain in the ass for everyone.
If you're that worried about DNS attacks, I'd rely more on public key enc and certs.