Is it ethical to, having enough knowledge to suspect there's a vulnerability, to withhold that knowledge from those in a position to fix it? You're keeping many other innocent people at risk with our silence. Software developers make mistakes all the time. There are lots of other people in the world skilled at finding those mistakes. Some of these will use those to attempt to profit, while others want to protect innocent people. It seems strange that you attempt to discount the work of all of the people in that second category. These are the guys that keep the number of 0days down. If they win, you get a monthly security patch from your vendor. If they lose, you get services taken down for weeks due to break-ins and lots of ugly work arounds.
WrongSizeGlass writes "CNET is reporting that a fifth of Android apps expose private data. The Android market threat report details the security issues uncovered. Dozens of apps were found to have the same type of access to sensitive information as known spyware does, including access to the content of e-mail and text messages, phone call information, and device location. 5% of the apps were found to have the ability to make calls, and 2% can send text messages, without the mobile user doing anything."
Start menu, type "Explorer", right-click Windows Explorer, select "Run as administrator", perform administrative tasks, close explorer window.
cweditor writes "A former Medco Health systems administrator was sentenced to 30 months in federal prison and ordered to pay $81,200 in restitution for planting a logic bomb on a network that held customer health care information. The code was designed to delete almost all information on about 70 company servers. This may be longest federal prison sentence for trying to damage a corporate computer system, although Yung-Hsun Lin faced a maximum of 10 years." How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?
A sad tale in which Geek Squad charged $419 to replace a harddrive, and also made the customer retrieve his own data.