Re: [SC-L] Java: the next platform-independent target
On 10/25/2010 04:26 AM, Martin Gilje Jaatun wrote: On 2010-10-22 04:51, Kevin W. Wall wrote: In a large part, I think that people fail to patch Flash or Acrobat Reader for the same reason they forget about Java...out of sight, out of mind.* I think they believe that Windows Update solves (or should solve) *all* their patching needs. I think many of the Linux distros have it right in that respect...one-stop patching pretty much for whatever you have installed from your Linux provider's distribution channel. There are third-party vendors who do offer this as a service to Windows users - I know about the Danish company Secunia and their Corporate Software Inspector (CSI) service; there may be others out there. That's true, I think BigFix is another (no endorsement intended), but 1) these services are not obvious / trivial to locate and evaluate for reliability, and 2) more importantly, why should a general user have to trust yet another party? Look how many folks get mislead into downloading fake AV software to protect their supposedly infected PC. If they are not discerning enough to know that, would they be any better with judging the reputation of these other companies that might offer total patching as a service similar to Secunia's service? I personally think that's doubtful. -kevin -- Kevin W. Wall The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We cause accidents.-- Nathaniel Borenstein, co-creator of MIME ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___
[SC-L] Colin Angle interview
from interview with iRobot CEO and founder Colin Angle: Are you planning on developing apps for robots like Roomba and Scooba? The robot operating system architecture will divide in half. The mobile industry is moving far faster and is far larger than the robot industry. You’ve got a couple of wonderful front runners, Google and Apple, which have developed software platforms that are optimised around communication, voice recognition, graphics and touch screen interfaces. That’s enabling for the robot industry but it’s not sufficient. If your phone dies nothing that serious happens. But if you’re robot dies and it’s bigger than a Roomba, you don’t want it to topple down the stairs. There’s a need for reliable, safe, secure software at the core of the robot. But there will be a division between the core robot OS which is carefully designed and has fail safes and the cool, sexy UI for the consumer. Things like iPhone control first evolve in the informal hacking communities but over time the robots will have much more sophisticated operating systems and be able to link in to other systems. Ultimately though if the robot’s function is to be vacuum cleaner, it needs to do that well first. One day I see lots of robots managed by a butler robot. I talk to it and it talks to the other robots. At that point you’ll see a lot of human interaction features on the main robot. You could have Android OS running on part of that robot alongside a safe and secure robot OS. There’s a place for co-operation. http://m.wired.com/epicenter/2010/10/colin-angle-irobot-ceo/all/1 -gunnar ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___