Imgur’s API exposes the entire Imgur infrastructure via a standardized programmatic interface. Using Imgur’s API, you can do just about anything you can do on imgur.com, while using your programming language of choice.
The Imgur API is a RESTful API based on HTTP requests and XML or JSON responses. If you’re familiar with the APIs of Twitter, Amazon’s S3, del.icio.us, or a host of other web services, you’ll feel right at home.
This version of the API, version 3, uses OAuth 2.0. This means that all requests will need to be encrypted and sent via SSL/TSL to https://. It also means that you need to register your application, even if you aren’t allowing users to login.
FTC’s Second Kids’ App Report Finds Little Progress in Addressing Privacy Concerns Surrounding Mobile Applications for Children
Staff examined hundreds of apps for children and looked at disclosures and links on each app’s promotion page in the app store, on the app developer’s website, and within the app. According to the report, “most apps failed to provide any information about the data collected through the app, let alone the type of data collected, the purpose of the collection, and who would obtain access to the data. Even more troubling, the results showed that many of the apps shared certain information with third parties – such as device ID, geolocation, or phone number – without disclosing that fact to parents. Further, a number of apps contained interactive features – such as advertising, the ability to make in-app purchases, and links to social media – without disclosing these features to parents prior to download.”
Alcatel-Lucent Has a Top-Secret SDN Startup!
Overlay networks as proposed by companies such as Nicira Networks Inc. , now owned by VMware Inc. (NYSE: VMW), are “an important step, but what if you had a data center that had to serve 10,000 customers, and every customer had a complex topology? That’s the real world, and that’s not easy,” Alwan says.
Researchers find crippling flaws in global GPS
A 45-second crafted GPS message could bring down up to 30 percent of the global GPS Continuously Operating Reference Stations (CORS), while other attacks could take down 20 percent of NTRIP networks, security boffins from Carnegie Mellon University and firm Coherent Navigation wrote in a paper. (pdf)
The GPS data level attacks caused more damage than previous spoofing attacks and were able to trigger a remote crash of high-end professional receivers.
Syrian rebels debut homemade fighting vehicle
The Sham II is also outfitted with five cameras — three in the front, one mounted on or near the machine gun, and one in the back — all of which are seemingly controlled by — a Sony PlayStation remote control. It should be noted that, apparently on the side of caution, Syrian rebels have even outfitted the Sham II with an operable headlight.
via Syrian rebels debut homemade fighting vehicle – Threat Matrix.
Tor network used to command Skynet botnet
Security researchers have identified a botnet controlled by its creators over the Tor anonymity network. It’s likely that other botnet operators will adopt this approach, according to the team from vulnerability assessment and penetration testing firm Rapid7.
“One countermeasure that companies or ISPs could eventually enforce in their firewall is to drop all packets that originate from known TOR nodes, in order to minimize the amount of potentially malicious traffic they receive,” Botezatu said. “Of course, they might also end up blacklisting a number of legit Tor users looking for anonymity.”
Authoritarian regimes push for larger ITU role in DNS system
The new proposal specifies that “member states have the right to manage all naming, numbering, addressing and identification resources used for international telecommunications/ICT services within their territories.” This seems to be a challenge to the authority of ICANN and IANA, the quasi-private organizations that currently oversee the allocation of domain names and IP addresses.
via Authoritarian regimes push for larger ITU role in DNS system | Ars Technica.
How Corruption Is Strangling U.S. Innovation
One of the prime drivers of economic growth inside America over the past century has been disruptive innovation; yet the phenomenon that Lessig describes is increasingly being used by large incumbent firms as a mechanism to stave off the process. Given how hard it can be to survive a disruptive challenge, and how effective lobbying has proven in stopping it, it’s no wonder that incumbent firms take this route so often.
via How Corruption Is Strangling U.S. Innovation – James Allworth – Harvard Business Review.
Netflix. Uber. Airbnb. Tesla. Fisker. Most economies would kill to have a set of innovators such as these. And yet at every turn, these companies are running headlong into regulation (or lack thereof) that seems designed to benefit incumbents like NADA and Comcast — regulation that, for some strange reason, policy makers seem extremely reticent to change if it results in upsetting incumbents.
For Riot Games, Big Data Is Serious Business
Once Riot Games opened up a European base of operations, it couldn’t fit all its data into one instance of mySQL. “So we created a separate instance. That was a bad precedent and we needed to change that,” Livingston added. “We moved quickly to Hadoop as a scalable low-cost storage system. We use Hive to overlay an SQL-type interface on top of the Hadoop File System.” That helped scale up, but “the downside is that it takes a long time to spin up to do your queries, some taking a minute or more to complete, so it is difficult to iterate and build complex queries using Hive.”
via For Riot Games, Big Data Is Serious Business.
Part of the challenge is to maintain a level playing field for all players, yet constantly tweaking game play and game mechanics to make it more interesting for returning players: “We need lots of insight so that competitive play will continue to happen. We don’t want different versions of the game for pros and noobs, for example.”
How to detect reverse_https backdoors
According to Mandiant 83% of all backdoors used by APT attackers are outgoing sessions to TCP port 80 or 443. The reason for why APT, as well as other attackers, are using these two ports is primarily because most organizations allow outgoing connections on TCP 80 as well as 443. Many organizations try to counter this by using web-proxies, which can inspect the HTTP traffic and block any malicious behavior. But TCP 443 cannot be inspected in this way since SSL relies on end-to-end encryption.
via How to detect reverse_https backdoors – NETRESEC Blog.
Well, something that many people aren’t aware of is that the initial part of an SSL session isn’t encrypted. In fact, there are some pieces of relevant information being transmitted in clear text, especially the X.509 certificate that is sent from the SSL server.