#airnzhobbit

Another great video from Air New Zealand.

The Most Epic Safety Video Ever Made #airnzhobbit

As the official airline of Middle-earth, Air New Zealand has gone all out to celebrate the third and final film in The Hobbit Trilogy – The Hobbit: The Battle of the Five Armies. Starring Elijah Wood and Sir Peter Jackson; we’re thrilled to unveil The Most Epic Safety Video Ever Made.

Posted in Uncategorized | Tagged | Leave a comment

Wednesday WIN (2014-Oct-22)

Top 10 Cycling Excuses – For Climbing

Top 10 Things Not To Wear While Cycling

Top 10 Things Not To Drink While Cycling

Posted in cycling, Wednesday WIN | Tagged | Leave a comment

Tuesday Tunes‬ #179 – Tom Petty

Tom Petty (born October 20, 1950) is an American musician, singer, songwriter, multi-instrumentalist, and record producer. He is best known as the lead vocalist of Tom Petty and the Heartbreakers, but is also known as a member and co-founder of the late 1980s supergroup the Traveling Wilburys (under the pseudonyms of Charlie T. Wilbury, Jr. and Muddy Wilbury) and Mudcrutch.
He has recorded a number of hit singles with the Heartbreakers and as a solo artist, many of which remain heavily played on adult contemporary and classic rock radio. His music has been classified as rock and roll, heartland rock and even stoner rock. His music, and notably his hits, have become popular among younger generations as he continues to host sold-out shows. Throughout his career, Petty has sold more than 80 million records worldwide, making him one of the best-selling artists of all time.[2] In 2002, he was inducted into the Rock and Roll Hall of Fame.

wikipedia

And now for some music …
Continue reading

Posted in music | Tagged , , | Leave a comment

This weeks links (2014-10-20)

Round The Bay 2014

In brief:

* Why #Gamergaters Piss Me The F*** Off (2014-Oct-21) [The Cauldron]
… There’s enough space now for people to make games that are strange and disturbing and maybe highlight a different perspective of the world, because gaming is no longer a niche activity, it’s something that everybody does. There is room for art in video games. That’s awesome! …

* Bupa Around the Bay – Ride for a Child in Need 2014 (2014-Oct-19) [Ride On Magazine]

* Bupa Around the Bay 2014 – Ride for a Child in Need | Bicycle Network (2014-Oct-19) [Flickr]

Cycling:

* The Week in Bike #40: Hostage to Fortune

* Cycling the Himalayas – Part One (2014-Aug) [Cyclingtips]

* Cycling the Himalayas – Part Two (2014-Oct) [Cyclingtips]

2014-15CX-Calendar

* Full Replay | Elite Men’s Race | 2014 UCI Cyclo-Cross World Cup | Valkenburg, Netherlands

* Full Replay | Elite Women’s Race | 2014 UCI Cyclo-Cross World Cup | Valkenburg, Netherlands

Some reading/listening:

* Neil Gaiman: Why our future depends on libraries, reading and daydreaming (2014-Oct-16) [The Guardian]

* The Percy Jackson Problem (2014-Oct-22) [The New Yorker]

Something from Bandcamp:

Five Long Years by Audio Antihero

Posted in links | Leave a comment

Firefox 33.0

Firefox v.33.0 was offered to release channel users on October 13, 2014.

FF33

Fixed in Firefox 33.0 [3]
MFSA 2014-82 Accessing cross-origin objects via the Alarms API
MFSA 2014-81 Inconsistent video sharing within iframe
MFSA 2014-80 Key pinning bypasses
MFSA 2014-79 Use-after-free interacting with text directionality
MFSA 2014-78 Further uninitialized memory use during GIF
MFSA 2014-77 Out-of-bounds write with WebM video
MFSA 2014-76 Web Audio memory corruption issues with custom waveforms
MFSA 2014-75 Buffer overflow during CSS manipulation
MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)

*NEW* Support for connecting to HTTP proxy over HTTPS
*NEW* Improved reliability of the session restoration

Vulnerability ratings: 3 Critical, 4 High, 2 Moderate
Evaluation: test and update when possible

LINKS:
[1] Firefox features [Mozilla]
[2] Mozilla Firefox 33.0 Release Notes (2014-Oct-13) [Mozilla]
[3] Security Advisories for Firefox [Mozilla]
Posted in firefox, patch, security | Leave a comment

Adobe Patches (Oct-2014)

Adobe has updates for Flash Player and ColdFusion to deploy for this month’s Patch Tuesday

Bulletin Description Impact / Severity Software
APSB14-22 Security updates available for Adobe Flash Player Critical :
Remote Code Execution
Adobe Flash Player, Adobe Air
APSB14-23 Security update: hotfixes available for ColdFusion Important :
Security Feature Bypass
ColdFusion
LINKS:
[1.] Adobe Security Bulletins Posted (2014-Oct-14) [Adobe PSIRT Blog]
Posted in Adobe, patch, Patch_Tuesday, security | Leave a comment

Patch Tuesday Wednesday (Oct-2014)

patch-tuesday This month Microsoft have released eight (8) security bulletins of which three (3) have a maximum rating of Critical and five (5) have a maximum rating of Important.

❝ Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important – to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first. ❞ [1]

Bulletin KB number Description Impact / Severity Software
MS14-056 2987107 Cumulative Security Update for Internet Explorer Critical:
Remote Code Execution
Microsoft Windows, Internet Explorer
MS14-057 3000414 Vulnerabilities in .NET Framework Could Allow Remote Code Execution Critical:
Remote Code Execution
Microsoft Windows, Microsoft .NET Framework
MS14-058 3000061 Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution Critical:
Remote Code Execution
Microsoft Windows
MS14-059 2990942 Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass Important:
Security Feature Bypass
Microsoft Developer Tools
MS14-060 3000869 Vulnerability in Windows OLE Could Allow Remote Code Execution Important:
Remote Code Execution
Microsoft Windows
MS14-061 3000434 Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution Important:
Remote Code Execution
Microsoft Office, Microsoft Office Services, Microsoft Office Web Apps
MS14-062 2993254 Vulnerability in Message Queuing Service Could Allow Elevation of Privilege Important:
Elevation of Privilege
Microsoft Windows
MS14-063 2998579 Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege Important:
Elevation of Privilege
Microsoft windows

PATCH NOW:
* MS14-056 : Microsoft Windows, Internet Explorer : Known exploits in the wild
* MS14-057, MS14-058

Security Advisory 3009008 to address a vulnerability in Secure Sockets Layer (SSL) 3.0

❝ Today, we released Security Advisory 3009008 to address a vulnerability in Secure Sockets Layer (SSL) 3.0 which could allow information disclosure. This is an industry-wide vulnerability that affects the protocol itself, and is not specific to Microsoft’s implementation of SSL or the Windows operating system. ❞ [4]

Mitigating Factors:
* The attacker must make several hundred HTTPS requests before the attack could be successful.
* TLS 1.0, TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.

❝ What should you do: Disable SSLv3. There is no patch for this. SSLv3 has reached the end of its useful life and should be retired. ❞ [5]

Apply Workarounds:
* Disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer
To turn off SSLv3 support in Internet Explorer 11:
Setting -> Internet Options -> Advanced Tab -> Uncheck “SSLv3″ under “Security”.
Exit and restart Internet Explorer

LINKS:
[1.] October 2014 Updates (2014-Oct-14) [MS: MSRC]
[2.] Microsoft October 2014 Patch Tuesday (2014-Oct-14) [SANS]
[3.] Microsoft Security Bulletin Summary for September 2014 (2014-Oct-14) [MS]
[4.] Security Advisory 3009008 released (2014-Oct-14) [MS: MSRC]
[5.] SSLv3 POODLE Vulnerability Official Release (2014-Oct-14) [SANS]
Posted in microsoft, patch, Patch_Tuesday, security | Leave a comment