first_img Facebook Twitter: @NeosKosmos Instagram After reaching an agreement with the troika on Tuesday, the Greek government now has to prepare legislation for the reforms it agreed with its lenders in the hope that the disbursement of at least 10 billion euros in loans will be approved at an informal Eurogroup meeting due to take place in Athens on April 1.Athens and the troika did not comment publicly on the details of the deal, clinched around lunchtime, apart from Prime Minister Antonis Samaras confirming that social security contributions would be reduced by 3.9 percentage points.Samaras is due to meet Deputy Premier Evangelos Venizelos at the Maximos Mansion on Wednesday to discuss the coalition’s next steps. Government sources said that the two leaders must decide whether the reforms Athens agreed to will be legislated in one multi-bill or if several draft laws will be submitted to Parliament. The coalition aims to pass the measures before the end of the month so eurozone finance ministers can approve the release of the next tranche on April 1. It is not clear how much will be disbursed, though. Greece has a maximum of 11 billion euros to receive from the eurozone and 3.6 billion from the International Monetary Fund.Kathimerini understands that Greece agreed to adopt 75 percent of the 329 liberalization measures recommended by the Organization for Economic Cooperation and Development (OECD). Another 15 percent will be adapted to the specifics of the Greek market, while the remaining 10 percent have been put off for now.Greek officials agreed with the troika to lower fines for the late payment of taxes and to disconnect the public sector mobility scheme from the need for sackings. Administrative Reform Ministry sources said that firings of civil servants would continue in 2015, even after Greece meets it target of 15,000 by the end of this year. However, they added that this would not be part of a pledge to the country’s lenders. They would, instead, be the result of disciplinary measures or the merging and closing down of public bodies.Another sticking point had been the troika’s insistence that Greece change its rules on mass dismissals, which need the labor minister’s approval. Sources said the two parties agreed that the matter should be referred to the International Labor Office, which will be asked to arbitrate on the issue. The two sides also agreed that automatic three-year pay rises for new hires should be reduced by 50 percent from 2017.Heralding the deal with the troika during a televised news conference, Samaras repeated his pledge to give a portion of a projected primary surplus to Greeks on low incomes. “More than 500 million euros will be given immediately to 1 million Greeks,” he said, noting that members of the police and security services on monthly salaries below 1,500 euros would benefit.Another 20 million euros would go toward the growing ranks of the country’s homeless, Samaras said, adding that the state would pay an additional 1 billion euros in debts to suppliers than it had originally budgeted for this year while a further 1 billion euros would go toward reducing the country’s debt.Greece has calculated its primary surplus for this year at 2.9 billion euros but its size is to be confirmed by the European Union’s statistics service Eurostat in April. After that, Greece will be able to distribute the promised handouts. The beneficiaries include more than 400,000 families on low incomes and some 300,000 pensioners, Kathimerini understands.Another 350 million euros from the surplus is to go toward plugging a gap in the country’s social security funds.SYRIZA slammed Tuesday’s agreement with the troika and accused the government of caving in to the lenders’ demands, which would lead to further job losses and wage cuts. “The only truth Mr Samaras told today is that the government kept to its pledges,” said SYRIZA leader Alexis Tsipras. “It kept to them fully and unilaterally – only toward the troika, not the Greek people.”Tsipras said the deal meant that the prime minister would forever be associated with the EU-IMF memorandum. “Mr Samaras is the memorandum,” he added. Source: Kathimerinilast_img read more

Read More

first_imgThese days it is almost impossible to develop in JavaScript without utilizing one of the thousands of open-source JavaScript libraries available. Libraries make coding in JavaScript simpler and more efficient by taking processes that would ordinarily require several lines of code to achieve and simplifying them, usually by creating a single function that can be called. These benefits do not come without risks, however. JavaScript libraries can have security flaws that can make a website using them vulnerable. According to a study conducted by Northeastern University, “more than 37% of websites use at least one library version with a known vulnerability.” Common security vulnerabilities within JavaScript include cross-site scripting, cross-site request forgery, and buffer overflows. Cross-site scripting allows attackers to inject malicious code into trusted web pages, which then serve that malicious code to users that view the site. Cross-site request forgery allows attackers to utilize a user’s browser to take actions on other sites. Buffer overflows occur when attackers send data that is too large for the buffer to hold, resulting in data being written outside of the buffer and allowing attackers to insert malicious code, corrupt data, or crash an application. “The JavaScript ecosystem does not have a robust framework for documenting vulnerabilities within libraries and documenting their effect,” Arnal Dayaratna, research director at IDC, told SD Times. There is no cohesive list of known vulnerabilities that is available for developers to access. JQuery vulnerabilities show up on the CVE website, which is a directory of common security vulnerabilities. However, Angular does not show up on the CVE; it instead uses GitHub CHANGELOG to report security vulnerabilities. Every library handles security information differently, therefore developers cannot rely on a single location to get updated. According to an npm blog post, “It’s common for a modern JavaScript project to depend on 700–1200 packages.” Therefore, it is not practical for developers of these larger-scale projects to be looking online for announcements of vulnerabilities. This is where software composition analysis tools become necessary and extremely helpful. Software composition analysis tools analyze your code and are able to pick out components that are vulnerable. This speeds up the process of detecting vulnerabilities from your site as well as reducing the risk of human error. “Most of the companies that offer software composition analysis tools offer proactive alerting so you don’t even have to be watching it,” says Amy DeMartine, an analyst at Forrester. “They’ll tell you when a new vulnerability gets announced for a version of a component you’re using.”The Northeastern University study found that the median website in its dataset used a library version that was “1,177 days older than the newest release.” Switching to a newer version takes time because testing needs to be done to ensure the newest version is compatible with the existing application or site. Constantly updating to newer versions of libraries could prevent developers from putting their time into new projects, but not keeping current sites free from vulnerabilities is also problematic. If you have a vulnerable site, people are going to stop visiting it, Dayaratna claims. This will cancel out any cost-savings you gained from not updating your site properly.last_img read more

Read More