Welcome to the this week’s Quotes of the Week: Big Data replaces testing, Google exposes user details and the world has more software bugs than you think.
Google Apps Bug that exposes Users Details
“A security researcher recently reported a defect via our Vulnerability Rewards Program affecting Google Apps’ integration with the eNom domain registration API”
Google Apps for Business which is a collection of Google tools designed for business users was the cause of a bug that meant many users details were exposed online. As part of the Apps, users can register a domain for their email addresses. Users have the option of making their personal details for registering the domain e.g. name, email address etc provate. However a bug in the Apps software meant that their details were published online. The web governing body does require users details registering domains to be made public on the Whois database but Google Apps allowed a provacy option. However it was this privacy option that exposed the users data which could be used by scammers for phishing. Read More here
Android phones can turn into Windows 10
“Xiaomi Mi4 users will get the ability to flash their phones with the new Windows 10 OS and provide feedback to Xiaomi and Microsoft on their experience”
As part of the launch of Windows 10, it seems Microsoft are planning to allow Android users to flash the software on their phone to try out Windows 10. At the moment users of Xiaomi phones are trialling the software. Read More here.
A New Bug in the OpenSSL crypto library
“If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension, a NULL pointer dereference will occur,”
The vulnurability known as CVE-2015-0291 was exposed by Stanford reseracher last week, David Ramos last week. OpenSSL released a statement on Thursday about the bug though the vulnurability does not seem as serious as many first thought. Read More here.
More Software Bugs Than You Think
A survey by firm RayGun has that found that 1400 developers last month and found that 93% of developers were confident that their software quality was “good” or “great” spured an article by Danny Bradbury on the bug hunting industry and how companies have taken to farming out the bug-hunting to third parties. Read More here.
Big Data replaces Testers
“Draper is applying big-data analytics to automatically discover software vulnerabilities,”
Draper President and CEO Kaigham J. Gabriel comments on the successful launch of new software that the company has developed with the U.S. Air Force Research Laboratory and the Defense Advanced Research Projects Agency. The software will search for and automatically repair any software bugs that could lead to vulnurabilities in software. Read More here
If you have any news from the week you would like to add, then please use the Quotes of the Week thread here.
