New Skype bug opens users to easy hijack, says researcher
,----[ Quote ]
| SkypeFind, which was introduced in Skype 3.1 for Windows, lets users
| recommend businesses to others running the voice-over-IP and chat client and
| write reviews of those businesses. "Sadly, it could also be used by attackers
| to own Skype users' machines," Raff said in a blog post.
`----
http://www.linuxworld.com.au/index.php?id=787643642&rid=-50
RealPlayer named by StopBadware.org
,----[ Quote ]
| RealPlayer 10.5, it claims, "fails to accurately and completely disclose the
| fact that it installs advertising software on the user's computer." And
| RealPlayer 11, it claims, "does not disclose the fact that it installs
| Rhapsody Player Engine software, and fails to remove this software when
| RealPlayer is uninstalled." Ryan Lukin, PR manager for RealNetworks, disputed
| some of the claims.
`----
http://www.news.com/8301-10789_3-9862135-57.html?part=rss&subj=news&tag=2547-1_3-0-20
Related:
Why proprietary code is bad for security
,----[ Quote ]
| Tho Skype is using an encrypted protocol, it’s still their own, non-disclosed
| code and property. So we don’t know what it contains.
|
| [...]
|
| It’s time to stop accepting that we are the bad guys, and to stop consuming
| things we just don’t understand (and cannot, because they are proprietary,
| closed-source systems).
|
| Say no to companies, or even governments who treat you like this. Start using
| open sourced products and protocols wherever you can. Even if you could
| still never understand the code used in these systems, there are still lots
| of people who can, and who will examine it. The magic word here is “peer
| review” - your friend or buddy or neighbour may be able to understand all
| that, and to help. No, not with Skype or Windows or any black box from Cisco.
`----
http://wolfgang.lonien.de/?p=394
|
|