2012-11-02 front | Hacker News

This is the result of nearly a decade of work from MSFT, across the board. They built better tools, drilled security into every new hire all the way to the execs, made it a part of every engineering and product process imaginable. Happy that is finally being acknowledged on the outside.

12.

No Copyrights on APIs: Help Us Make The Case (eff.org)

13.

Apple has lost their legal claim to the iPhone name in Mexico (phonearena.com)

14.

Android now powers 75% of all smartphones sold (extremetech.com)

15.

Ruby 2.0.0-preview1 is out (nagaokaut.ac.jp)

16.

Whatever It Takes: Visualizations in E-mail with d3.js (parsely.com)

17.

Why I love everything you hate about Java (magicscalingsprinkles.wordpress.com)

18.

Here's the simple rule you need to know when using a foreign ATM (transferwise.com)

mkjones on Nov 2, 2012 | parent | context | on: More than 1MM Facebook accounts exposed

My name is Matt Jones, and I work on the Facbook security team that looked into this tonight. We only send these URLs to the email address of the account owner for their ease of use and never make them publicly available. Even then we put protection in place to reduce the likelihood that anyone else could click through to the account.

For a search engine to come across these links, the content of the emails would need to have been posted online (e.g. via throwaway email sites, as someone pointed out - or people whose email addresses go to email lists with online archives).

As jpadvo surmised, the nonces expire after a period of time. They also only work for certain users, and even then we run additional security checks to make sure it looks like the account owner who's logging in. Regardless, due to some of these links being disclosed, we've turned the feature off until we can better ensure its security for users whose email contents are publicly visible. We are also securing the accounts of anyone who recently logged in through this flow.

In the future if you run into something that looks like a security problem with Facebook, feel free to disclose it responsibly through our whitehat program: https://www.facebook.com/whitehat. That way, in addition to making some money, you can avoid a bunch of script kiddies exploiting whatever the issue is that you've found.

20.

How deep learning on GPUs wins datamining contest without feature engineering (kaggle.com)

21.

Google Nexus 4: Nearly flawless (wired.com)

22.

NoSQL databases benchmark: Cassandra, HBase, MongoDB, Riak (networkworld.com)

23.

Aerographite: six times lighter than air, conductive, and super-strong (extremetech.com)

neya on Nov 2, 2012 | parent | context | on: Apple has lost their legal claim to the iPhone nam...

Here's the brief - There's a telecom company by the name "iFone" in Mexico. And Apple sued them unnecessarily...and lost the case.

"The iFone trademark was filed in Mexico in 2003, a full four years before Apple filed to trademark the iPhone. Despite the rather obvious priority issue, Apple decided to sue iFone in 2009 in an attempt to invalidate the company’s name for being too similar to the iPhone. The predictable response was a countersuit by iFone, and the court battles have been swinging in iFone’s favor ever since."

I think Apple deserves this and perhaps, even more.

25.

Hey, C Is a Functional Language Too (atomicobject.com)

26.

Wiring a Generator to Your House (wattvision.com)

27.

The Architecture of Datomic (infoq.com)

28.

Learn Shen (shenlanguage.org)

29.

How Georgia doxed a Russian hacker (and why it matters) (arstechnica.com)

30.

Chrome Canary for Developers (paulirish.com)