Digital Trends reported on Google App Engine’s vulnerability to attack.

According to a report released on Seclist.org’s Full Disclosure, a new set of vulnerabilities could leave Google’s App Engine open to attack from a rudimentary Java exploit.

Seven different unpatched holes were discovered by Adam Gowdiak, CEO of the Polish security firm Security Explorations. The exploit uses the cloud platform Google App Engine to launch a defunct string of Java code, which can then be executed to break out of the first-layer sandbox and wreak havoc on protected areas of Google’s servers.

David Arnott wrote on Nashville Business Journal about Google Photos uploading photos even if you don’t want it to.

Five weeks later, on a whim, I figured I’d see if Google Photos had made any tweaks and re-downloaded the app. Instead of my pair of test photos, I saw hundreds of images. They weren’t synced from my phone in that moment, because I always delete photos from my device once they’ve been uploaded. My phone must have been uploading pictures to Google Photos even though I didn’t even have Google Photos on my phone. […]

All I had to do to turn my phone into a stealth Google Photos uploader was to turn on the backup sync, then uninstall the app. Whereas one might reasonably believe uninstalling the app from the phone would stop photos from uploading automatically to Google Photos, the device still does it even in the app’s absence. Since making this discovery, I have re-created the issue multiple times in multiple settings on my Galaxy S5.

I reached out to Google, and after reaching someone on the phone and describing the issue, was told to wait for a comment. Several hours later, I received a terse email that said, “The backup was as intended.” If I want to stop it from happening, I was told I’d have to change settings in Google Play Services.

Be careful what you’re getting yourself into with a free app. If you’re not paying, you’re the product.

Tim Murtaugh wrote on A List Apart about the latest Flash zero day vulnerability.

Flash gets updated a lot, often for security purposes. What usually happens is a security firm, or a hacker looking for a bounty, or Adobe itself will find a vulnerability, and the Flash team will quietly patch their software before the exploit becomes widely known. This time, the exploit is already out there, and is quickly making its way into malware tools.

So, I assume you’re already multi-tasking and disabling Flash in your browsers. (Here’s how to disable Flash in Chrome. And Safari. And Firefox. And IE.)

I recommend a better practice. Don’t even install Flash.

Ars Technica reported on how standing still caused HTC to lose half of its market cap in four months.

Have you heard about HTC lately? 2015 is shaping up to be an awful year for the company. In March the company had a market cap of $4.06 billion, and today—only a few months later—it’s worth less than half of that. The stock price, at about two bucks a share, is at a 10-year low. HTC just wrapped up the second quarter of 2015, where it posted a net loss of$258 million. And the trend is downwards—year over year, HTC’s monthly revenue was down 38% in April, 48% in May, and 60% in June. Will July be even worse? HTC is back to being that struggling OEM that feels like it could be permanently knocked out of the race at any time. There’s even been talk of the company being acquired.

The race to the bottom is always ugly.

The folks over at The Sweet Setup have done a nice review of the current crop of Read It Later services. If you’re just getting into the act of saving articles for offline reading, it’s a good place to start.

But even more importantly, you don’t always have time to read an article the first moment you come across it. Ideally, you could have a place to store those articles for later when you actually have the time to curl up on that couch. Depending on the website, reading on the web can often be a hostile experience with distracting ads, over-pagination, requests to sign up for newsletters, and spammy “promoted stories from around the web” cluttering up your reading and making you question the moral fabric of human civilization.

Read-it-later services can solve all of these problems, helping you save articles to read on your preferred device in a much friendlier, more beautiful format. You could think of these services like Tivo for the Internet. As you browse the web during the day, you can pick and choose the things you want to read, and at night, instead of continuing to browse, you have a hand-picked selection of great material ready for you to read.

My first encounter with these apps was with Marco Arment’s Instapaper, which I loved to bits. Eventually I moved to Pocket and stayed there till today. Deciding on which one to use is really more a matter of preference, so go ahead and try whichever one you please.

NextShark reported on Doug Menuez, the man who spent 3 years with Steve Jobs after he got fired from Apple.

Menuez on entrepreneurship:

I think there’s a lot of exciting stuff happening all over the world. There’s a whole new generation of young, hungry entrepreneurs and innovators coming and I wanna help inspire through sharing stories. One of the feedbacks that I get is that people don’t always realize how hard it was in the 80s and the sacrifices that were made, and I think that helps people when they start hitting the wall. If you’re in your first startup and you’re hitting a wall, it’s pretty frustrating and pretty scary and frightening, and it’s good to know what other people went through just so you have some solidarity and keep fighting. Steve [Jobs] failed for 10 years; he struggled and failed and he was humiliated by the press after he left Apple. A lot of people today don’t realize it. They know how successful he is today, but they don’t realize how hard he worked to make the comeback.