Blackberry Storm Firmware Updated Two Weeks After Launch

[Peaches]

BlackBerry Storm firmware updated two weeks after launch

Analyst calls quick-fix a 'wake-up call' for normally efficient smart phone maker RIM

"December 9, 2008 (Computerworld)

"Just two weeks after sales of the device began, Verizon Wireless and the maker of the BlackBerry Storm have issued a firmware update, which has raised concerns from some customers.

One customer, in an e-mail to Computerworld, said she might just return the smart phone to Verizon, rather than bother with this or future updates, because of the hassle. "It's great that they have software updates for the phone, but you would think it would just be easier to fix it all before they come out with the phone altogether,' said Jacquelyn Pourroy, who waited in line at a Boston store to purchase her BlackBerry Storm on the first day of sale, Nov. 21.

Pourroy, a chef, said she had a mixed reaction to the device, liking its touchscreen and camera, but disliking several things, including the way it lags between some functions. "There are clear problems with the phone. The sluggishness ... is killing me. It takes quite a while for the phone to flip the screen from horizontal viewing to lateral viewing and back," Pourroy said.

According to documents obtained by Computerworld, Verizon told its customers that the upgrade, called Storm OS 4.7.0.75 (release 107), resolves several problems with intermittent power off and on; intermittent muted incoming audio while using voice-activated dialing; intermittent incomplete dialing when dialing *86; and intermittent problems with audio volumes increased to the highest level for users on wired."

full story here: http://www.computerworld.com/action/articl...ticleId=9123059

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Facebook ignores huge security hole for four months

And counting

By Dan Goodin in San Francisco

10th December 2008 01:45 GMT

"Facebook has been sitting on a nasty website flaw that for four months has made its users susceptible to malware and forgery attacks.

The cross-site scripting (XSS) error can be plainly demonstrated here and here. It allows a miscreant to trick a user into believing he is visiting Facebook when the vast majority of the content is being supplied by a website of the attacker's choice.

XSS vulnerabilities are by far the most prevalent type of website vulnerability, according to a new report (PDF) issued Tuesday by White Hat Security, a firm that specializes in website security. They allow attackers to inject code and graphics into familiar websites, creating opportunities to install malware and phish account details even as a browser's address bar bears the name of Google.com, Facebook.com or some other website the user trusts.

In many cases, XSS flaws are self-replicating, as was the case with the so-called Samy worm, which knocked MySpace out of commission after it added more than a million users to the creator's friends page. The JS-Yamanner exploit that hit Yahoo mail in 2006 and last year's quick-moving attack targeting Google Orkut are two other examples of web worms gone wild.:"

Full story: http://www.theregister.co.uk/2008/12/10/fo..._facebook_hole/