Posts Tagged ‘Filesystem permissions’

Many WordPress blogs at risk from image-based zero-day vulnerability

Published by pratyushkp on August 3rd, 2011 - in Social, Technology

Image via Wikipedia

Post from Sophosh Authored by Paul Ducklin

Bilocating technology blogger Mark Maunder – he claims to live in Seattle and Cape Town concurrently, though I suspect he means consecutively, and I’ll wager he wisely avoids winter in both of them – recently wrote aboutan intrusion to his WordPress site.

It turns out the backdoor was a previously-unexploited, or at least a previously-undocumented, flaw in a useful little WordPress addon, shared by many WordPress themes, called timthumb.

Twitter Gives Users More Control Over Third Party Apps

Published by pratyushkp on May 19th, 2011 - in Social, Technology

Image via CrunchBase

Twitter has updated its permissions process in an effort to provide users with more transparency and control over what information can be accessed by third-party applications.

When a user first connects an app to her Twitter account, she will now be shown a permissions screen that details what information the app will be able to access, as well as what “activities” they can perform with her account, such as posting tweets, reading tweets, and viewing the accounts she follows. Twitter will also be limiting the access that third party apps have to direct messages.

“Apps that you use to access your direct messages will ask for your permission again. By the end of the month, applications that do not need access to your direct messages will no longer have it, and you can continue to use these apps as usual,” Twitter wrote in a blog post.

Take a look at the apps that you’ve approved to access your account by visiting the Applications page, what apps you’ve approved by visiting the “Applications” page under “Settings.”

Here’s what Twitter’s new permissions screen will look like:

  • Like Facebook, Twitter announces more detailed permissions for third party apps (thenextweb.com)
  • Twitter Offers Better Transparency About What Third-Party Apps Can Do With Your Account (readwriteweb.com)
  • Twitter introduces new restrictions for third-party apps (venturebeat.com)
  • Mission: Permission (twitter.com)
  • Can Twitter Apps Access Your DMs? New Permissions Screen Sheds Light (mashable.com)
  • Twitter Launches New Permissions Screen, Vows to Keep Your Direct Messages Safe (newsgrange.com)
  • Twitter Revokes Automatic 3rd Party DM Access, Gives Users More Details On App Permissions (techcrunch.com)
  • Twitter announces permissions change, frustrates app developers (macworld.com)
  • Twitter expands security controls for third-party apps (electronista.com)
  • ? Twitter’s Shit Sandwich (daringfireball.net)
  • Twitter Extends New OAuth Deadline For Apps Accessing Direct Messages (programmableweb.com)
© Social Media Blog