Disclaimer

Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed).

Jun 23, 2011

Giving up your privacy for nothing at Yahoo News

UPDATE Nov. 10th: The story about the dog turned out to be a hoax. Pheew.

This weekend I read a somewhat disturbing article on Yahoo News about a Jewish court sentencing a dog to death by stoning by children and decided to share the story on Twitter. Most news sites include buttons to conveniently tweet articles, Yahoo News is no exception. I clicked the "Retweet" button and expected to see the Twitter confirmation screen as I was already signed in to Twitter. But wait!
Yahoo News wants me to let TweetMeme use my account, that was a surprise. Usually I don't bother reading these pop-ups, I just close the window and then go on to share the link manually. But this was Yahoo News, so I started reading the pop-up to see what they were hoping I would agree to. Turns out it wasn't just the article about stoning the dog that was disturbing.

Jun 21, 2011

Firefox 5 is out and #4 wants to upgrade

Following up on my recent blog post on how auto-upgrade as opposed to auto-update of web browsers can help make the Internet a safer place, here is the prompt I just got from Firefox 4:


Gotta love it! Firefox 5 is a "security and stability update". No lengthy explanations on why version 5 is better than 4, and an "Upgrade Now" button. User's would want to install this! I also like the prompt I get when one of my add-ons won't work with the new version.

Jun 19, 2011

Slides for recent talks now available

I finally got around to publish the slides for the two talks I did in May: the talk about the online banking trojans at the DND/ISACA/ISF member meeting as well as the lightning talk on browser security at the Roots conference. I figured I'd give Google docs a try, so I made a Talks collection available there.

I've sort of reset my talk list, you'll find it at my dedicated talk page.

The lightning talk at Roots was taped (though probably there wasn't any actual tape involved). If you're interested, go check out The browser - your best friend and worst enemy - André N. Klingsheim on the Roots conference channel on Vimeo.

Jun 12, 2011

Making the web safer: From auto-update to auto-upgrade

The Firefox team has decided to stop supporting Firefox 3.5. They've put a great deal of thought into how they will handle the ~12 million Firefox 3.5 installations around the world. Firefox 3.5 will be updated to the latest 3.6 version, through the auto-update system — which really makes it an auto-upgrade. The plan is to start pushing the upgrade on June 21st, in conjunction with the release of the new Firefox 5. The team has shared their assumptions and rationale for the decision in a Firefox 3.5 EOL article on the Mozilla wiki.

The decision to upgrade users' soon to be outdated and unsupported browsers is important. Home users' computers are under constant attack. The stream of software updates is both endless and rapid, especially when taking into account that there are updates to the operating system, web browsers, and commonly installed software such as Adobe Acrobat and the Java Runtime. The average user should be relieved from having to deal with all the different update notifications and procedures. Apple have been leading the way here for many years already. If you do a Google search for "security update" flash you'll see why: They've been supplying updates to the Flash player for many years through their update system. The Chrome team chose the same route in April when they included an updated version of Adobe Flash with their latest Chrome release — fixing a vulnerability in the Flash plugin in addition to three in Chrome. The simpler the job for users to keep their systems up-to-date, the more users will be running the latest, greatest, and safest software.

Copyright notice

© André N. Klingsheim and www.dotnetnoob.com, 2009-2018. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to André N. Klingsheim and www.dotnetnoob.com with appropriate and specific direction to the original content.

Read other popular posts