Profile

Cover photo
Jon Larimer
Works at Google
Lives in Atlanta
1,972 followers|324,242 views
AboutPostsPhotos

Stream

Jon Larimer

Shared publicly  - 
 
Our next generation of back yard terrorbirds.

Includes bonus cat!
5
Add a comment...

Jon Larimer

Shared publicly  - 
 
Hogs & Hops festival at the Masquerade yesterday
1
Add a comment...
 
+S. Larimer giving our hen Regina a haircut.

It's not for fashion, though. She was attacked by a hawk last week. We took her to the vet and she's fine now, but this is the 3rd time she's been attacked while the other chickens haven't been ever.

The problem is her fabulous hair-do. The feathers on her head obstruct her vision so she can't see the hawks flying around looking for dinner. We gave her a trim and she should be safe for another few months.
4
1
Omari Stephens's profile photoS. Larimer's profile photo
 
"Gimme the reverse mullet," she says. "It'll be fine," she says.
Add a comment...

Jon Larimer

Discussion  - 
 
 
Following public discussion of vulnerabilities in versions of Webkit last week, I’ve had a number of people ask questions about security of browsers and WebView on Android 4.3 (Jellybean) and earlier. I want to provide an update on what we’re doing and guidance on steps that users and developers can take to be safe, even if your device is not yet running Lollipop. 

Keeping software up to date is one of the greatest challenges in security. Google invests heavily in making sure Android and Chrome are as safe as possible and doing so requires that they be updated very frequently.  With Google’s assistance, Android device manufacturers (OEMs) have been moving rapidly to improve the rate that devices are updated and to ship devices with the most recent versions of Android. We provide patches for the current branch of Android in the Android Open Source Project (AOSP)[https://source.android.com/] and directly provide Android partners with patches for at least the last two major versions of the operating system.  

Improving WebView and browser security is one of the areas where we’ve made the greatest progress.  Android 4.4 (KitKat) allows OEMs to quickly deliver binary updates of WebView provided by Google, and in Android 5.0 (Lollipop), Google delivers these updates directly via Google Play, so OEMs won’t need to do anything.  Until recently we have also provided backports for the version of WebKit that is used by Webview on Android 4.3 and earlier. But WebKit alone is over 5 million lines of code and hundreds of developers are adding thousands of new commits every month, so in some instances applying vulnerability patches to a 2+ year old branch of WebKit required changes to significant portions of the code and was no longer practical to do safely. With the advances in Android 4.4, the number of users that are potentially affected by legacy WebKit security issues is shrinking every day as more and more people upgrade or get new devices.

There are also steps users and developers can take to mitigate the risk of potential exploitation of WebKit vulnerabilities without updating to Lollipop. Using a browser that is updated through Google Play and using applications that follow security best practices by only loading content from trusted sources into WebView will help protect users.

When browsing on any platform, you should make sure to use a browser that provides its own content renderer and is regularly updated. For instance on Android, Chrome [http://goo.gl/elSkZX] or Firefox [http://goo.gl/Q5X6e3] are both great options since they are securely updated through Google Play often: Chrome is supported on Android 4.0 and greater, Firefox supports Android 2.3 and greater. Chrome has been the default browser for all Nexus and Google Play edition devices since 2012 and is pre-installed on many other popular devices (including Galaxy devices from Samsung, the G series from LG, the HTC One series, and the Motorola X and G), so you may already be using it.

Using an updatable browser will protect you from currently known security issues, and since it can be updated in the future it will also protect you against any issues that might be found in the future. It will also allow you to take advantage of new features and capabilities that are being introduced to these browsers. 

If you are an application developer, there are also steps you should take to keep users safe. Application developers should make sure that they are following all security best practices[http://goo.gl/b6a3ta]. In particular, to resolve this issue when using WebView[http://goo.gl/FKeouw], developers should confirm that only trusted content (e.g. loaded from a local source or over HTTPS) is displayed within WebViews in their application. For maximum security when rendering content from the open web, consider providing your own renderer on Android 4.3 and earlier so that you can keep it up to date with the latest security patches.
129 comments on original post
5
Add a comment...
 
Hello west coast!

Half Moon Bay, CA
6
Add a comment...
 
I've seen quite a few bad Year in Photos videos but mine is actually pretty good
1
Add a comment...
In their circles
364 people
Have them in circles
1,972 people
Samson Idakwo's profile photo
Frank Reinders's profile photo
Orlando Skosana's profile photo
Azevedo Alves Gabrielle's profile photo
Scott Lund's profile photo
Ursula Finn's profile photo
amir zamli's profile photo
Yauhen Patsel's profile photo
Gerd “trekkie3k” Fleischer's profile photo
 
In my back yard, we have one rule: No chickens on the deck!

They never listen :(
1
Richard Vowles's profile photo
 
We had a fence. 
Add a comment...
 
I guess the spicy chicken was a bit too spicy this morning...

http://www.ajc.com/news/news/fire-damages-popeyes-restaurant-on-boulevard/nkYyK/

I eat there like once a week so hopefully it opens back up soon. Glad nobody was hurt!
A northeast Atlanta fast food restaurant was damaged by a fire that broke out around daybreak Wednesday.
1
S. Larimer's profile photo
 
Noooooooooooooooooooo!
Add a comment...
 
Google Fiber is coming to Atlanta
Atlanta, Fiber is coming. Get the latest updates and track our progress.
12
Fred Richards's profile photoKelvin Williams's profile photoCharlie “Maveric” Smith's profile photo4 Seasons Heating & Air's profile photo
4 comments
 
so excited!
Add a comment...

Jon Larimer

Shared publicly  - 
 
Luckily I'm an adult so I can eat as much pizza as I want.
Kids in the United States eat so much pizza that some researchers now argue the food should join the ranks of sugary drinks and fast foods.
1
N' Betz's profile photo
N' Betz
 
some researchers now argue the food should join the ranks of sugary drinks and fast foods
wtf ?
Wasn't it considered fastfood before that in the U.S. ?
I mean, PizzaHut/Domino's pizza style are clearly fastfood. Italian pizzas in a restaurant, that's different. :p
Add a comment...
 
Sunset from Kroger on NYE, with 191 Peachtree in the background and the American flag flapping gloriously in the wind.

I'll give you one guess which Kroger this was...
4
Natey Nukez's profile photoJon Larimer's profile photoZeke Cao's profile photo
4 comments
 
I used to work in that parking lot. Before they remodeled it. So what did we win?
Add a comment...

Jon Larimer

Shared publicly  - 
 
Tree is UP!

+S. Larimer 
8
1
Jon Larimer's profile photomichael hartman's profile photoKevin McMullin's profile photo
2 comments
 
On the bottom? Who cares? i couldn't tell until i looked closely enough
Add a comment...
People
In their circles
364 people
Have them in circles
1,972 people
Samson Idakwo's profile photo
Frank Reinders's profile photo
Orlando Skosana's profile photo
Azevedo Alves Gabrielle's profile photo
Scott Lund's profile photo
Ursula Finn's profile photo
amir zamli's profile photo
Yauhen Patsel's profile photo
Gerd “trekkie3k” Fleischer's profile photo
Work
Occupation
Computer stuff
Skills
Computering
Employment
  • Google
    Security Engineer, 2011 - present
    Android Security Team
  • IBM
    Senior Security Researcher (X-Force), 2009 - 2011
  • nCircle
    Senior Software Developer, 2004 - 2009
    nCircle was bought by Tripwire
  • Internet Security Systems
    Security Researcher (X-Force), 1998 - 2004
    ISS was bought by IBM
Story
Tagline
Jon.
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Atlanta
Previously
Pennsylvania