Saturday, November 13, 2010

Android Falls Short In Security Analysis

We've seen enough news about how Apple's iOS is vulnerable to attack. I think it's only fair that we talk about the shortcomings in its biggest competition, Android. According to a report by Coverity, the popular mobile operating system is home to hundreds of bugs in its kernel, and a quarter of those bugs are listed as 'high risk', meaning they could be used to compromise user privacy.

Coverity Inc. is in the business of scanning software for potential security vulnerabilities. They recently scanned the open-source Android operating system and discovered 359 bugs. 88 of these are listed as high-risk, which, according to the report, "include four categories that we have found, through experience and consultation with our customers, to be ones that can cause the most damage and are most likely to be fixed first by developers. These include memory corruptions, illegal memory accesses (e.g., reading beyond the bounds of a memory buffer), resource leaks, and uninitialized variables."

Let's look at how those bugs compare in the open source world. Coverity claims that the industry average 'defect density' is one defect per every 1,000 lines of code. Android has only half that number, which is impressive until you look at the areas where those bugs were found. Most of the code in the operating system is a Linux kernel with custom additions, and in the Android-specific code the defect density is twice as high.

more @ http://www.securitypronews.com/insiderreports/insider/spn-49-20101104AndroidFallsShortinSecurityAnalysis.html

Patch Tuesday Visits Office, Forefront

Microsoft has gone through with its most recent round of Patch Tuesday updates, this time focusing on two software products. Seven vulnerabilities in Microsoft Office were patched, and Microsoft Forefront Unified Access Gateway (UAG) was also affected.

Microsoft Office is the collection of several productivity software products: Word, Excel, Outlook, PowerPoint, and OneNote. The vulnerabilities recently patched spanned two security bulletins, MS10-087 and MS10-088. MS10-087 patches five bugs, all of which can allow remote code execution. They affect all versions of Office, including Office for Mac. Three of the vulnerabilities have to do with the mishandling of maliciously crafted Office files, meaning that a person would need to open such a file on their system, but once they did, the attacker would have complete control over that system. The other two vulnerabilities deal with the loading of "Rich Text Format" files and DLL files, and are just as dangerous as the others. MS10-088 is specific to PowerPoint and only contains two bugs, although both can allow remote code execution as well. Both involve maliciously crafted PowerPoint files, one being a buffer overflow and the other an integer underflow.

more @ http://www.securitypronews.com/insiderreports/insider/spn-49-20101111PatchTuesdayVisitsOfficeForefront.html