I tried out the nice bfbtester tool (Brute Force Binary Tester) today, which performs checks of single and multiple argument command line overflows as well as environment variable overflows and thus helps in finding possibly insecure software (and fixing it, of course).
I'll probably post a slightly longer article eventually, listing some more tools for checking and auditing software (either black-box style using bfbtester or similar tools, or white-box style, i.e. tools which scan the source code of the software being tested, like rats, flawfinder, pscan etc.).
The Flickr blog tells us that Flickr (a site where you can post your photos and tag them, similar to del.icio.us) has been bought by Yahoo. Although they provide some information about what will change and what won't, I'm curious which changes really lie ahead...
A nice quote from the blog entry:
Waaaaaaaah!! I don't want Flickr to change!
Don't forget to breathe. It's not the end, it's the beginning!
Today, I stumbled over a new language project of the Wikipedia, the Klingon Wikipedia. No, I don't understand a word, but the mere fact of the existence of this wiki is funny enough for me to post it here.
drupal.org currently carries a story by its author Dries Buytaert where he compares the popularity of CMSes (and blogging systems and forums) using the Alexa traffic ranking service. There are several nice graphs included, so have a look.
Also, there's a similar service called g-metrics.com which can be used to create nice graphs from the number of hits Google returns for a given keyword. See the graph for Drupal for an example.
(via Peter van I. via email and drupal.org)
Probably one of the most important security-related tools, used on a daily basis by many people, has been updated. The new OpenSSH 4.0 was released a few days ago.
Besides the usual bugfixes there are also some nifty new features. IMHO a very nice thing is the new (optional) hashing of host names and addresses added to known_hosts files. This improves your privacy, as the list of hosts you connected to in the past is no longer easily visible in plain text.
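To show what the hashed known_hosts entries look like and why a known host can still be looked up, here is an added example (not part of the original post and not OpenSSH's own code). It assumes the hashed field layout `|1|base64(salt)|base64(HMAC-SHA1(salt, hostname))`; the sample file, host names and key blobs are constructed placeholders.

```python
import base64
import hashlib
import hmac
import os

MAGIC = "|1|"  # prefix of a hashed host field (HMAC-SHA1 scheme)


def hash_host(host, salt=None):
    """Build the hashed first field of a known_hosts line for one host name."""
    salt = os.urandom(20) if salt is None else salt  # fresh salt per entry
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()


def host_matches(field, candidate):
    """True if candidate is the host named by a plain or hashed first field."""
    if not field.startswith(MAGIC):
        return candidate in field.split(",")  # plain entry; patterns not handled
    try:
        salt_b64, mac_b64 = field[len(MAGIC):].split("|")
        salt = base64.b64decode(salt_b64, validate=True)
        stored = base64.b64decode(mac_b64, validate=True)
    except ValueError:  # wrong field count or bad base64
        return False
    expected = hmac.new(salt, candidate.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(expected, stored)


def lookup(known_hosts_text, candidate):
    """Return the 1-based numbers of the lines whose host field matches."""
    hits = []
    for number, line in enumerate(known_hosts_text.splitlines(), start=1):
        line = line.strip()
        if line and not line.startswith("#") and host_matches(line.split()[0], candidate):
            hits.append(number)
    return hits


# Constructed sample file: host names and key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    "# constructed example",
    "alpha.example.org,192.0.2.10 ssh-rsa AAAAPLACEHOLDER",
    hash_host("beta.example.org") + " ssh-rsa AAAAPLACEHOLDER",
    hash_host("192.0.2.20") + " ssh-rsa AAAAPLACEHOLDER",
])

if __name__ == "__main__":
    for name in ("alpha.example.org", "beta.example.org", "192.0.2.20", "gamma.example.org"):
        print(name, lookup(SAMPLE, name))
```

Because every entry gets its own random salt, the same host hashes differently each time, and the file can no longer be read as a list of names; a name you already know can still be checked against it.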