* Posts by fcheung

5 posts • joined 23 Mar 2010

Free HTTPS certs for all – Let's Encrypt opens doors to world+dog


Re: What can go wrong?

You can get ssl certificates from many resellers (eg gandi) with the only requirement being proof that you control the domain by hosting a specific file at a specific path or adding a specific DNS record. In that respect lets encrypt is no different (other than the automation)

Ruby on Fails: Zombie SERVER army built thanks to Rails bug


Not sql injection

The vulnerability was unrelated to SQL injection. The problem was a vulnerability in the YAML & XML parsers combined with the fact that rails will automatically deserialize data posted in those formats

AWS CISO needs permission to visit his data centres


Although an unannounced inspection is *exactly* how they stole the vx gas in that classic film, 'The Rock'

Google copyright purge leaves Android developers exposed



Is the concern about android apps entirely well founded? It's not as if every linux app in the world has to be gpl-ed, despite the kernel being licensed under the GPL.

And how directly do android apps use kernel headers ? I wouldn't have though a userland application would need to mess with kernel headers (especially if written in java)

Verizon to launch less than brill billing service


Greedy network operators

The pay off from £1 text message is something like 60-65p. 17.5% of that is VAT, but the network operators take a big slice (and virgin used to take enormous amounts). Last time I looked payforit wasn't any better in that respect.


Biting the hand that feeds IT © 1998–2021