Daily Dose - 25 Most Dangerous Programming Errors Updated
Thirty international security organizations have once again compiled a list of the top 25 most dangerous programming errors that lead to the worst software vulnerabilities. The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors now include grading, categories, and prioritization for each item on the list. In the overall short list, the top five vulnerabilities were (from 1 to 5), cross site scripting, SQL injection, classic buffer overflows, cross site request forgery. and improper access control.
RIM Makes BlackBerry Even More Enticing to Businesses
At the MWC, RIM might have been one of the biggest winners when it made two big announcements. First, RIM announced that they are working on a new WebKit-based browser to be released later this year. The browser has already scored a 100/100 on the Acid3 test and it will feature "full HTML5 support." RIM also announced the Enterprise Server Express, which is free in order to encourage SMBs to standardize on BlackBerries. A business that uses Express will be able to sync employee calendars, email, contacts, notes, files, and tasks.
Safari Will be the First to Go Down in Flames, Pwn2Own Organizer Predicts
TippingPoint recently announced the Pwn2Own browser security contest, which has increased its prize money to $100,000. Contestants will attempt to exploit security holes in various browsers starting next month. Poor Safari is getting no credit as Aaron Portnoy, a researcher at TippingPoint, expects Apple's browser to be the first to die. Last year, Firefox, IE8, and Safari all fell on the first day. There were no successful attacks on BlackBerry, Android, iPhone, Symbian, and Windows Mobile smartphones.
Jetpack Gets More Fuel
Mozilla is banking on Jetpack to replace add-ons in future versions of Firefox. They just released the next version, Jetpack 0.8, which marks the end of the prototyping phase and the beginning of a production-level phase. 0.8 includes a new toolbar API and a Places API for history and bookmarks searching and auto-management. The coming versions of Jetpack will feature a new security model and more extensible architecture.
Open source graph database Neo4j released 1.0
Neo4j claims the tops spot again today with 69 up votes and counting. It looks like a graph database revolution may be down the road.