The 1.9.2 release of Piwik came - aside from a backdoor for some installations - with a nifty new feature. It ignores IE10's DoNotTrack settings completely and it also lies to you about it in the settings.
If you thought - and I did - that the Comodo gig was ridiculous you might already have heard of DigiNotar. And I'm somewhat running out of superlatives that have no religious context with this one. While Comodo's fuck-up was serious it was at least within expected proportions. If you fuck up in this business it usually draws some circles. That's why you should try hard not to. But the way DigiNotar screwed up is way out of scope. And the best part about it is the way they are handling it.
A quote taken from their website
Current versions of apache have a neat bug in their byte-range handling that has quite some potential to crash a site with minimal to no effort at all. Byte-ranges are a feature of HTTP 1.1. They are used to partially transfer documents. If multiple ranges are requested in a slightly untidy way apache gets out of step big time. A single remote connection with a lousy dsl line can wreak havoc to various degrees on your system. If you ever want to see your load hit the moon give it a try.
There's - as of now - no patch yet. But there're two workarounds.
Der Staat hat mal wieder zugeschlagen. Diesmal der Zoll. Wenn man tiefer ins Klo gegriffen hätte, würde einem wohl eine Amputation in Schulterhöhe bevorstehen. Bedauerlicherweise werden die Verantwortlichen wohl von dieser Maßnahme verschont bleiben.
While looking for information if anything has changed recently on the master password front I found a somewhat dated but still valid statement from Google. And I think it's fundamentally flawed.
The usual answer you hear when you raise the topic of permissions with Android is "Works as intended" and all I can say about that one is: If that was your intention you might reconsider visiting the drawing board because your intention sucks big time.
There are certain things that you can actually wait for to happen and this is one of them. Google is running the market in a way that's doomed to hit the wall and it has nothing really to do with liberal politics vs. Apple's ... ah well. Let's call those restrictive.
Isn't it lovely. You deliver your piece of code or hardware for a security audit and get it back all shiny and clean. Except for the little bug that happens to be handy when someone would have to sabotage one of your customers nuclear reactors. A customer like Iran. Ignoring the political magnitude of this it has a very bad taste to it. Even more so if Siemens was not a part in this but a conveniently available source for exploitation through inspection.