DigiNotar: It turns out that DigiNotar was hacked. A list of known domains for which the attacker managed to create fake certificates can be found at the end of this post.
Facebook: We were far too optimistic about Facebook's "Info accessible through your friends" [to applications] setting. Based on our initial reading of the proposed changes, it appeared that Facebook might be restricting access.
Instead, it appears they are expanding access to "anyone" (but not "everyone"). Clear, right?