PR Newswire: WhiteSource Unveils Free to Use Vulnerability Checker to Combat Most Critical Open Source Vulnerabilities (PRESS RELEASE). “The new standalone CLI tool is free to use and available for anyone to download directly from the WhiteSource website. Once downloaded, the Vulnerability Checker offers users the opportunity to import and scan any library and run a quick check on the chosen development projects against last month’s top 50 open source vulnerabilities. The Vulnerability Checker compiles a detailed report within minutes after scanning the designated libraries in your command line, highlighting detected vulnerabilities, their severity, paths, as well as links to references and suggested fixes.”
software development
Motherboard: This Coder Fit a Bootable CD and Video Game Into a Tweet
Motherboard: This Coder Fit a Bootable CD and Video Game Into a Tweet. “A few weeks ago, Alok Menghrajani, a security engineer at Square, set out to challenge himself. He wanted to fit a bootable CD-ROM, and a retro video game inside it, into a tweet. The results are pretty cool.”
PRNewswire: NASA Debuts Online Toolkit to Promote Commercial Use of Satellite Data (PRESS RELEASE)
PRNewswire: NASA Debuts Online Toolkit to Promote Commercial Use of Satellite Data (PRESS RELEASE). “While NASA’s policy of free and open remote-sensing data has long benefited the scientific community, other government agencies and nonprofit organizations, it has significant untapped potential for commercialization. NASA’s Technology Transfer program has created an online resource to promote commercial use of this data and the software tools needed to work with it. With the Remote Sensing Toolkit, users will now be able to find, analyze and utilize the most relevant data for their research, business projects or conservation efforts. The toolkit provides a simple system that quickly identifies relevant sources based on user input. The toolkit will help users search for data, as well as ready-to-use tools and code to build new tools.”
A Million Brilliant Moments: Creating the Best of the Web (Medium)
Medium: A Million Brilliant Moments: Creating the Best of the Web. “I love working on Glitch. One of the things I like most is the amazingly creative, friendly, and thoughtful community that I get to work alongside each day. Tech has been getting a good kicking in the media lately, and rightly so. From execs being jerks to privacy woes — at times the outlook for those making tech can seem bleak. But what gives me hope for the future is the genuine positivity and creativity that I see in the Glitch community every single day.”
TechCrunch: Snapchat launches privacy-safe Snap Kit, the un-Facebook platform
TechCrunch: Snapchat launches privacy-safe Snap Kit, the un-Facebook platform. “Today Snapchat finally gets a true developer platform, confirming TechCrunch’s scoop from last month about Snap Kit. This set of APIs lets other apps piggyback on Snap’s login for sign up, build Bitmoji avatars into their keyboards, display public Our Stories and Snap Map content, and generate branded stickers with referral links users can share back inside Snapchat.”
CBR: Flurry of New Tools Aims to Improve Open Source Software Security
CBR: Flurry of New Tools Aims to Improve Open Source Software Security . “With the projected revenue of open source services set to double in the next few years, coupled with the emergence of open source software registries, such as NPM (Node Package Manager) and Nuget, developers are downloading packages from increasingly variegated sources, sometimes with a host of security vulnerabilities. Yet the developer community is taking positive steps to solve this issue.”
TechCrunch: Exploit puts popular web and mobile apps at risk
TechCrunch: Exploit puts popular web and mobile apps at risk. “A new exploit could allow users to bypass security checks in Electron, a popular cross-platform development framework. The exploit, posted by Trustwave, has been patched and developers should update their apps as soon as possible. The exploit could allow cross site scripting in some apps by turning on nodeIntegration, a method that allows the app to not only connect to its own modules but also Node.js modules.”
