Not all clouds are security threats. (flickr.com/kky)

Researchers at North Carolina State University and the University of Oregon have discovered a way to turn cloud computing into hacker heaven.

Disguising data transfers with URL-truncating services like TinyURL or Bit.ly, researchers found that cloud-based processing power intended to shift computing tasks from laptops, tablets and mobile devices could be converted to crack encoded passwords or used for a large scale denial-of-service attack.

WhiteHat Security's Jeremiah Grossman told Dark Reading that cloud browser providers need to "ensure adequate security controls are in place to prevent their end users from abusing the system."

N.C. State researcher William Enck said one key is awareness:

NC State's Enck says there are ways for cloud-based browsing providers to better monitor their traffic -- namely, by associating accounts with the users so they can detect possible abuse or rogue traffic. Just like blacklisting offending IP addresses in a DDoS attack, for example, he says, this would allow cloud browser providers to quash abuse. "It's similar: You can say, 'Here are the clients from where [the traffic] is coming from and the IP addresses.'"

Dark Reading notes that users of the Silk browser on Amazon's Kindle Fire have to register with the service, and each tablet has a unique key that identifies that user and device to the browsing service. The university researchers who discovered these vulnerabilities believe Amazon's strategy is a sound way to keep cloud users honest. They also recommend using CAPTCHAs so potentially malicious cloud users can't write scripts that will automatically create multiple accounts they could later use in large-scale hacks or cyber-attacks.

We're not really looking forward to the day we can say hackers have maliciously used the cloud to "make it rain."

No, not this kind of bug.

The final minute of June 30, 2012 was actually 61 seconds long. The extra, or "leap second" was added to the clock to ensure official time clocks the world over were accurately synchronized to the Earth's rotation. Unfortunately for big-brand websites like Reddit and Gawker, neither Linux nor Java's base application platform were prepared for the change. Wired reports:

Many computing systems use what’s called the Network Time Protocol, or NTP, to keep themselves in sync with the world’s atomic clocks, and when an extra second is added, some just don’t know how to handle it.

Foursquare was among the sites briefly felled by the "leap second's" effect on Linux servers. For the location check-in service this was insult added to injury--Foursquare was also a casualty of the storm-induced outage that took out Amazon Cloud Services on Friday. Neither Opera nor Google was affected by the change--Opera's Marco Marongiu blogged about possible methods of avoiding "leap second" snafus at the beginning of June.

While admins for the sites affected by Saturday's tiny jump forward may grumble, at least adjustments keep the Gregorian Calendar more accurate than the Mayan Calendar. So when the singularity of 12/21/12 hits, it will be right on the money.