Interesting day today; TeamSHATTER believes Oracle is misleading database customers, iPhones are spying on their users and Facebook launches discount deals in five test cities.
Is That Critical Patch Really Critical?
Oracle patched 73 vulnerabilities this week with 18 of the fixes connected to the Oracle Sun Products suite, eight updates for Open Office suite, six for Oracle’s Fusion Middleware, six updates for Oracle Database with only two that could be remotely exploitable without authentication. Four of the database flaws were found by Application Security, Inc.’s TeamSHATTER.
TeamSHATTER believes Oracle is misleading their database customers during the Critical Patch Updates when it comes to how they classify vulnerabilities. Surveys and reports show that most companies are behind when it comes to rolling out CPUs. Many companies rely on the Common Vulnerability Scoring System to determine whether a patch requires immediate action; they often choose not to apply a patch if a flaw is not reported as critical. Unfortunately, Oracle downplays the severity of vulnerabilities, interpreting the ‘Complete’ impact rating in a ‘favorable-for-Oracle way.
It’s 10PM, Do You Know Where Your iPhone has Been?
A secret file, stored on your iPhone, tracks your phones location, the time it was at the location and then stores the information to a hidden file on the phone. This file, which is stored by default, is not encrypted and there is no evidence that the file is sent back to Apple.
The Wall Street Journal has been reporting on smart phone apps that collect and report your personal data to third-party companies without your consent, since December 2010.
A class-action suit has been filed against Apple, saying that the iOS 4’s location-based service is a privacy invasion and puts users at risk of stalking. Researchers were also concerned that the information is stored in an unencrypted file and
transferred to the user’s PC when the phones are sync’d with the computer.
When questioned by a user, Steve Jobs responded “We don’t track anyone. The info circulating around is false.”
Facebook and Discounts: Groupon Move Over
Facebook goes into competition with sites like Groupon and LivingSocial with the launch of ‘Deals on Facebook’. Deals are currently available in Atlanta, Austin, Dallas, San Diego and San Francisco, with plans to add additional cities in the future.
Users will be able to find deals on Facebook by getting updates via email and notifications. Deals your friends buy will appear on your news feed, if they choose to share, and a new Deals tab will appear on your home page.