7 Reasons Why You Should NOT Eat Breakfast

Breakfast. Image credit: Andreza Pinheiro.

I've always been told that skipping breakfast is unhealthy. So, I found the article from StrongLifts.com below to be eye-opening.

Motor Trend Car Of The Year: 2010 Ford Fusion

The newly-refreshed 2010 Ford Fusion was just named MotorTrend's Car Of The Year for 2010. Not a bad choice in our opinion as Ford's got the most money to spend on marketing. Also, the car's damn good.

(Via Jalopnik: Top.)

Study indicates MacBooks are pretty reliable

A laptop reliability study conducted by Squaretrade reveals most reliable laptop manufactures. The sample size was from over 30,000 devices over a 3 year lifetime. No big surprises here as the cheaper bargain laptops and netbooks round out the highest failure rates and the more expensive systems last longer. The linked PDF is full of pretty graphs which is always a win.

Of personal importance is my current laptop manufacturer of choice the Macbook Pro's ranking in the study.

[via Engadget]

Metasploit Framework 3.3 Released Today

The Metasploit Framework 3.3 was released today (Tue, Nov 17th.)

Tons of bug fixes and more exploits for us to play pentest with!

(via SANS Internet Storm Center.)

Strong Contender for Worst Idea of the Year: Adobe Flash 10.1 Adds Hardware Video Acceleration

I'm not claiming to be an expert on how Macromedia / Adobe Flash is bolted together nor it's security architecture, however adding an API to allow any website to stream HD video to directly to the video card sounds like a terrible idea on the level of badness equal to ActiveX. Makes you wonder what the QA cycle for video card drivers is like.

Luckily, Adobe has only announced support of this new reason to keep all us security folks employed HD Video Acceleration for Microsoft operating systems at this time.

(Feature announcement via Lifehacker.)

Oh, and here's some performance benchmarks from anandtech

Google Chrome OS To Launch Within A Week

Google's Chrome OS project, first announced in July, will become available for download within a week, we've heard from a reliable source. Google previously said to expect an early version of the OS in the fall.

(Via Linux.com :: Features.)

99 Problems

Source:

Top 10 Risks to Web Applications

OWASP has published a release-candidate report of the top 10 risks they foresee to web applications in 2010.

Summary:

1. Injection


2. Cross Site Scripting (XSS)


3. Broken Authentication and Session Management


4. Insecure Direct Object References


5. Cross Site Request Forgery (CSRF)


6. Security Misconfiguration


7. Failure to Restrict URL Access


8. Unvalidated Redirects and Forwards


9. Insecure Cryptographic Storage


10. Insufficient Transport Layer Protection