what we’re reading, week of 1/12

Posted: January 15, 2009 in Highlights

From Zero Day…
RIM warns of BlackBerry PDF processing vulnerabilities
Ryan Naraine reports that hackers can use “booby-trapped PDF attachments” sent to BlackBerry devices to launch malicious code execution attacks. Raw details are included in the article. BlackBerry users are urged to update their devices accordingly.

From around the Blogosphere…
The SANS Institute released a list of the 25 Most Dangerous Programming Errors. The list has stirred up a lot of buzz around the topic. Here are three different perspectives that we thought were significant.

Byron Acohido from Zero Day Threat says, “For now, let’s savor the moment. Hopefully, the collaborative consensus among a diverse collection of 37 organizations — including Microsoft, Oracle, EMC, Apple, the NSA, DHS and an amalgam of tech security firms — that produced the Top 25 flaws will emerge as a model. It is an example of the type of for-the-greater-good, public-private collaboration needed to stem cybercrime.”

Adam O’Donnell from ZD Net does not think the list will make the flaws go away, but believes it’s a powerful tool. It gives organizations that are looking to purchase software a metric they can use “to beat up on potential investors”.

Lori MacVittie from DevCentral also believes the list is a powerful tool, but urges people to continue their current security habits and stay current on new security trends.
