- Analysis of the jailbreakme v3 font exploit – Sogeti ESEC Lab –
initial code execution is obtained through a vulnerability in the Freetype Type 1 font parser, allowing subsequent exploitation of a kernel vulnerability to disable code signing enforcement, get root privileges and “install” the jailbreak.
Wow.
- The iPhones Home Button – agreed.
- BBEdit 10 – nice overview from Michael. I’m less convinced about the loss of the drawer, as I don’t like having such a small “open documents” space when in a project.
- Morning thought: transparency is for customers – I think this is right.
- An Era Ends, An Era Begins tecosystems – RedMonk is hiring, and I can’t imagine a more interesting, challenging or rewarding place for an analyst to work.
- Lion Full Screen Mode w/ Dual Monitor Tip – good tip.
- HTC Status review – a year ago I’d have been excited about this.
- Cost of false positives – the internet at scale is hard. period.
- NoSQL is What? – in everything there are tradeoffs. There is no silver bullet.
- Wrong Wrong Wrong – NYTimes.com