These pair of bills (Senate and House) need to be defeated. The PROTECT IP Act and the Stop Online Piracy Act both go to far. I don't object to the original intent, necessary, to give copyright holders more capabilities to block those people who are infringing on their legitimate rights, however, these bills are overreaching and put the power in the wrong hands (government driven by business).
Please sign up at americancensorship.organd help stop these from being passed.
While trying to look up options for testing SQL injection, I came a cross a few you may want to try. I have not tried all of these, but it seems that there isn't a good list of them around that Google can find, so I'm going to make one here. YMMV
Turns out that Google uses tokens for authentication that have an unreasonable lifetime. This isn't the real issue. The problem is that when your phone connects to an open wifi network, the phone attempts to reconnect to all the services, including your Google accounts. This is where your contacts are stored. So...sniff the AuthToken, use it later to authenticate/sync to an account, and wah-lah, p0wn3d.
When I clicked on an email notification from Facebook I got the error "Only the recipient of a message may view it." My default browser is Chrome, and when it opened up the link, this is what I got. I cut/pasted the link into IE9 and it opened right up. Seems like Facebook has a problem with Chrome at this point.
This is a great article which flushes out a lot of the key things I look for in a good information security professional. If you have this knowledge and mindset, you will always have job security in the information security business.
This is going to be an issue going forward for a large number of users if Facebook doesn't do something different with how they handle applications. Using iframes creates an abstraction that users can't see. The linked Trend Micro blog has this right. Maybe there will be other protections, but at this point it doesn't look good.
As I type this, I am sitting in an car repair shop using my Sprint HTC Evo 4G to run PDANet (Android USB tethering application for Internet access) connected to my netbook, using my noise canceling head phones to listen to PaulDotCom (security podcast) using Car Cast Pro (Android podcast downloader/player) as well as updating my podcast feeds. Android and good Internet access is all good...