The recently released Twitter API V1.1 ships with support for JSON and provides an ability to authenticate apps via OAuth1.0a.
The first day of DevOps Days Amsterdam had its focus split between continuous delivery and promoting a DevOps culture. Talks focused on how to automate the deployment pipeline but also system recovery in case of failure. On the culture side leveraging distinct personality types to successfully introduce changes and the positive impact of strong company culture on hiring were some of the takeaways.
Amazon's free, one-day cloud community event took place in Berlin this month. Aimed at developers, technical and business leaders, the topics of the series increasingly focus on cost effectiveness, high availability, big data and security. The summit was complemented with presentations from successful local AWS adopters.
A months old Ruby on Rails security flaw is now being exploited on systems where tardy patch deployment has left them vulnerable to malicious attackers.
Part 2 of Infoq’s exclusive virtual interview with Anypresence cofounder Richard Mendis. The CMO weighs in on Facebook’s acquisition of competitor Parse and provides intel on the pricing structure of Anypresence.
"To avoid the confusion caused by renumbering releases", Oracle has announced that it is adopting a new numbering scheme for JDK 5.0, JDK 6 and JDK 7. "The next Limited Update for JDK 7 will be numbered 7u40, and the next 3 CPUs after that will be numbered 7u45, 7u51, and 7u55.”
Just days after the latest fix, security researcher Adam Gowdiak has found another Java vulnerability. In addition, in the past few days, attack code targeting one of the many remote-code-execution vulnerabilities fixed in Java 7 Update 21 have also begun circulating in the wild.
The excitement over DevOps is continuing to increase in major corporations. Today it was announced that two DevOps tool vendors were acquired. UrbanCode was picked up by IBM while Nolio went to CA Technologies.
Layer 7 Technologies has just been acquired by CA Technologies for the purpose of augmenting CA SiteMinder with Layer 7’s API Management & Security Suite. Layer 7 specializes in adding “access, security, SLA and management features” to existing service APIs.
Google+ Sign-In extends the Google+ social network into third-party websites, desktop applications and mobile apps. This service, announced on February 26th, provides features for authentication, authorization and activity sharing. There is also support for user engagement, hangouts and automatic Android app downloads.
Smaller releases, automated testing, and a culture that embraces security are the reasons why panelists at the RSA 2013 conference say that Devops can be a huge boon for application security.
MongoDB 2.4 was recently released with new features such as Text Search, hash-based sharding, better geo-spatial capabilities with GeoJSON support and several performance and tooling improvements. We also discussed with 10gen about what’s next on the roadmap.
Android 4.2.2 includes security enhancements such as application verification, Always-on VPN, certificate pinning, installd hardening including few other security fixes.
Windows Security is a hard problem. There are countless optional settings that can introduce security vulnerabilities, many of which are enabled by default. The documentation for these settings are scattered with current articles freely mixed with out-of-date versions. One solution to this is the Microsoft Security Compliance Manager.
The investigating agency Kaspersky Labs uncovered in mid January that the Red October attackers used the Rhino exploit in Java as an additional delivery vector.