Widespread PHP vulnerability in XML-RPC

I didn’t bother mentioning the new PHP XML-RPC vulnerability to somebody yesterday, assuming they already knew. Alas, they got burned by it so I’m making it a point to mention these things in a widespread generic sense from now on. As such: if you are running PHP content management systems like blogs, postnuke or anything … [Read more]

Domain name dispute in Canadian House of Commons

It’ll be interesting to see what comes of the domain name dispute debate which took place in the House of Commons over same-sex marriage opponents who registered MP’s names as domains and setup websites on them to drum up support for their cause. As Michael Geist comments, the actions are nebulous and under the current … [Read more]

Canadian Anti-Spam Task Force report

Yesterday Industry Canada’s Anti-Spam Task Force delivered its report. Included therein was a group of industry best practices assembled by the Working Group on Network Technology sub-group which I was priviledged to take part in. This analysis is posted on CircleId while Michael Giest, who was on the Task Force and chaired the Legal Issues … [Read more]