
Here they are…
Read full article on wired http://www.wired.com/2014/08/edward-snowden/
Read full article on http://www.huffingtonpost.com/sam-fiorella/the-insidiousness-of-face_b_4365645.html
In-app purchases An app can ask you to make purchases inside the app.
Device & app history
An app can use one or more of the following:
Cellular data settings
An app can use settings that control your mobile data connection and potentially the data you receive.
Identity
An app can use your account and/or profile information on your device.
Identity access may include the ability to:
Contacts/Calendar
An app can use your device’s contacts and/or calendar information.
Contacts and calendar access may include the ability to:
Location
An app can use your device’s location.
Location access may include:
SMS
An app can use your device’s text messaging (SMS) and/or multimedia media messaging service (MMS). This group may include the ability to use text, picture, or video messages.
Note: Depending on your plan, you may be charged by your carrier for text or multimedia messages. SMS access may include the ability to:
Phone
An app can use your phone and/or its call history.
Note: Depending on your plan, you may be charged by your carrier for phone calls.
Phone access may include the ability to:
Photos/Media/Files
An app can use files or data stored on your device.
Photos/Media/Files access may include the ability to:
Camera/Microphone
An app can use your device’s camera and/or microphone.
Camera and microphone access may include the ability to:
Wi-Fi connection information
An app can access your device’s Wi-Fi connection information, like if Wi-Fi is turned on and the name(s) of connected devices.
Wi-Fi connection information access may include the ability to:
Device ID & call information
An app can access your device ID(s), phone number, whether you’re on the phone, and the number connected by a call.
Device ID & call information may include the ability to:
Other
An app can use custom settings provided by your device manufacturer or application-specific permissions.
Note: If an app adds a permission that is in the “Other” group, you’ll always be asked to review the change before downloading an update.
Other access may include the ability to:
When you review individual permissions, all permissions, including those not displayed in the permissions screen, will be shown in the “Other” group.
Written by Dennis Yurichev (yurichev.com).
Praise for the book
- Its very well done .. and for free .. amazing.’ (Daniel Bilar, Siege Technologies, LLC.)
- …excellent and free (Pete Finnigan, Oracle RDBMS security guru.).
- … book is interesting, great job! (Michael Sikorski, author of Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software.)
- … my compliments for the very nice tutorial! (Herbert Bos, full professor at the Vrije Universiteit Amsterdam.)
- … It is amazing and unbelievable. (Luis Rocha, CISSP / ISSAP, Technical Manager, Network & Information Security at Verizon Business.)
- Thanks for the great work and your book. (Joris van de Vis, SAP Netweaver & Security specialist.)
- … reasonable intro to some of the techniques. (Mike Stay, teacher at the Federal Law Enforcement Training Center, Georgia, US.)
As seen on…
… hacker news, reddit #1, #2, #3, habrahabr.
Contents
Topics discussed: x86, ARM.
Topics touched: Oracle RDBMS, Itanium, copy-protection dongles, LD_PRELOAD, stack overflow, ELF, win32 PE file format, x86-64, critical sections, syscalls, TLS, position-independent code (PIC), profile-guided optimization, C++ STL, OpenMP, win32 SEH.
Nir Goldshlager, a security researcher from Salesforce.com’s product security team, has discovered an XML vulnerability that impacts the popular website platforms WordPress and Drupal.
The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly.
WordPress and Drupal are used by millions of websites. The latest statistics from the World Wide Web Consortium (WC3) show WordPress alone powers nearly 23% of the web.
http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/
Under root user execute:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password';
Edit your my.cnf, generally located in bind-address = 127.0.0.1.
#bind-address = 127.0.0.1
Restart mysql
service mysql restart
Learn Linux with This Free edX Course from the Linux Foundation
Intro to Linux is normally a $2,400 course from the Linux Foundation, but it’s being offered for free now on edX. If you’ve ever wanted to learn how to use the open source operating system, there’s no better time than now.
Source http://lifehacker.com/learn-linux-with-this-free-edx-course-from-the-linux-fo-1612770920

![]()