Posts Tagged ‘IT security’

IT Security Carnival

Wednesday, August 20th, 2008

This week is IT Security Week at NUS, and so they have an IT Security Carnival held at the Forum. They have been running this for some years now, and I must commend the organizers for their excellent work all around. In my opinion, this is one of the more successful and meaningful events, and I’m not saying that just because IT security is one of my pet areas too.


Urgent WordPress Security Update

Wednesday, February 6th, 2008

Security updates keep us busy during festive holidays again. The last one with WordPress 2.3.2 kept us occupied prior to the 2008 New Year. Today, the new WordPress 2.3.3 release happens just prior to the Lunar New Year. The major focus of this security release is to fix a flaw in the XML-RPC implementation. Other XML-RPC problems were also plugged in the previous WordPress release. Holidays or not… you should try to upgrade ASAP! More details on 2.3.3 here.

When Your Personal Safety is Threatened by Hackers

Sunday, January 6th, 2008

When ZDNet reports Boeing 787 at risk of in-flight hacking, you start to worry about how your personal safety can sometimes be threatened by hackers. I wonder what Boeing was thinking about when they connected passenger Internet and entertainment networks to their on-board flight systems network. Professionals in the IT security circles already know how systems and applications must be designed with security from the start, how they need to be reviewed and audited, etc. I certainly hope aircraft manufacturers apply these principles in designing and building aircraft too!


Urgent Security Update to WordPress

Sunday, December 30th, 2007

Yes, it keeps us busy even during the festive season. A number of critical security issues were identified with WordPress 2.3.1 (may apply to older versions too) that necessitated an urgent security release. WordPress 2.3.2 is now available. One of the problems is a SQL Injection Vulnerability that exposes internal information about your WordPress installation. These are common problems that plague web applications. I did a brief presentation on Secure Web Programming a few moons ago. It was primarily intended to be a high-level overview to familiarize programmers with web application security issues. You can download it if you’re interested. :)