Software-Programming

Desktop and web applications remain a wasteland of bugs and holes that only a hacker could love, according to a report released Wednesday by a company that conducts independent security audits of code.

A hacker named Steven has posted a video of Ice Cream Sandwich running on the Kindle Fire, along with more information in the XDA Developers forums. The hack is incomplete, lacking support for audio, Wi-Fi, the accelerometer and the light sensor. Also, transitions look a bit choppy, but it's a start.

The hacker plans to start an open source project for Ice Cream Sandwich on the Kindle Fire, and will post his code to it. This was only a matter of time, considering the Android 4.0 code is open source.

A new free tool from OpenDNS promises to make domain name system (DNS) lookups, the conversion of a plain English domain name into a numeric Internet address, more secure. DNSCrypt prevents third parties from intercepting your DNS requests and rewriting them to point your browser, email client, or other software to malicious or fake sites. That may sound like a tedious bit of Internet plumbing, but it profoundly improves your security.

Gordon Lyon is a popular, successful and charismatic open-source software maker. Right now, he's not a happy man.

You probably know him better by his nickname, Fyodor (after Fyodor Dostoyevsky, author of Notes From Undergound). He is the creator and maintainer of the widely-used network auditing and penetration-testing tool Nmap.

A new exploit for a recently fixed vulnerability in Java has been added to the Metasploit penetration testing framework, according to vulnerability management firm Rapid7, which owns the open-source Metasploit Project.

The exploit takes advantage of a flaw in the Java Runtime Environment (JRE) component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier versions, according to a vulnerability summary. Users can unknowingly become infected simply by visiting a malicious website.

UK intelligence service GCHQ has launched a code-breaker challenge to help attract fresh talent.

GCHQ has set up an unbranded website to invite codebreakers. This campaign, which will be supported by social media sites, blogs and forums, is inviting cyber specialists with a "keen interest in code breaking and ethical hacking."

If 1 in 50 people on the Web move from Firefox to Chrome, Google's browser will unseat Mozilla's for the No. 2 spot in worldwide usage. That's because, according to Net Applications' November browser usage measurements, Chrome is now within 4 percentage points of Firefox. With a 2 percentage-point increase in one and a 2-percentage decrease in the other, Google comes out on top.

Researchers at North Carolina State University have uncovered a variety of vulnerabilities in the standard configurations of popular Android smartphones from Motorola, HTC, and Samsung, finding that they don't properly protect privileged permissions from untrusted applications. In a paper just published by researchers Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang, the four outlined how the vulnerabilities could be used by an untrusted application to send SMS messages, record conversations, or even wipe all user data from the handset without needing the user's permission.

Keeping your computer safe is an important part of going online. As well as protecting yourself against viruses, there is also the threat of other forms of malware to consider. Rather than installing a number of different tools to deal with the various kinds of threat that exist, why not turn to a single program that can take care of all of them? Microsoft Security Essentials Beta is an update to the previously released Microsoft Security Essentials.

Still in rough development, a new extension for Google Chrome puts in your hands a useful power tool for separating your data from Facebook apps of dubious origin. Called OOptOut (download), the add-on by Chad Selph helpfully lists above the Facebook header for you any permissions that a newly-installed Facebook app requests.