Unfortunately what I've found is that it re-appears when you upgrade Firefox, which is annoying.
Likening Kickstarter to an investment has always concerned me. Investment implies a return if the idea is successful and (as you can see from Oculus Rift) early kickstarter backers didn't get any of the very large…
Err, you saw the bit where it's not Craigslist's money that's being donated, but the settlement that they got from 3Taps right? And the bit where a very dubious interpretation of the CFAA which is opposed by the EFF was…
I'm not OP, but my opinion would be that APT does do some things better than npm etc but there's still some potential problems. Probably one of the most obvious is that access to the repos is over unencrypted HTTP…
cool. If you're looking for thoughts about threat models and ways to do it http://theupdateframework.com/index.html seems to have some good info.
that's interesting. Any pointers to package stores that do a better job on security? I'm researching the area a bit at the moment and I've not seen a lot of good practice out there, so would be interesting to have some…
This is a problem with most/all lib installers. They tend to have hooks to allow post-install actions and those hooks tend to be able to run OS commands, with the privileges of the installing user. Of course what's…
from ICANNs site, looks like .google has been delegated (https://gtldresult.icann.org/application-result/applications... ), so I'd say yep that'll happen. AFAIK google have applied for a large number of TLDs, this is…
Unfortunately what I've found is that it re-appears when you upgrade Firefox, which is annoying.
Likening Kickstarter to an investment has always concerned me. Investment implies a return if the idea is successful and (as you can see from Oculus Rift) early kickstarter backers didn't get any of the very large…
Err, you saw the bit where it's not Craigslist's money that's being donated, but the settlement that they got from 3Taps right? And the bit where a very dubious interpretation of the CFAA which is opposed by the EFF was…
I'm not OP, but my opinion would be that APT does do some things better than npm etc but there's still some potential problems. Probably one of the most obvious is that access to the repos is over unencrypted HTTP…
cool. If you're looking for thoughts about threat models and ways to do it http://theupdateframework.com/index.html seems to have some good info.
that's interesting. Any pointers to package stores that do a better job on security? I'm researching the area a bit at the moment and I've not seen a lot of good practice out there, so would be interesting to have some…
This is a problem with most/all lib installers. They tend to have hooks to allow post-install actions and those hooks tend to be able to run OS commands, with the privileges of the installing user. Of course what's…
from ICANNs site, looks like .google has been delegated (https://gtldresult.icann.org/application-result/applications... ), so I'd say yep that'll happen. AFAIK google have applied for a large number of TLDs, this is…